Draft 04-January-2000: Errors and typos from Gregor Karlinger on 2000-01-12 (w3c-ietf-xmldsig@w3.org from January to March 2000)

From: Gregor Karlinger <Gregor.Karlinger@iaik.at>
Date: Wed, 12 Jan 2000 11:08:00 +0100
To: "Joseph M. Reagle Jr." <reagle@w3.org>
CC: ML W3C XML-Signature <w3c-ietf-xmldsig@w3.org>
Message-ID: <387C5280.88AD120@iaik.at>
I have found the following errors and typos in our latest draft:

###########################################################################
Section 2.3., paragraph 5:

"... For example, if the resource being signed encloses the signature 
 itself, such a transform must be used to exclude the signature value 
 from its own computation "
                         ^
                         Period is missing.

###########################################################################
Section 2.3., paragraph 6:

"... Additional canonicalization, coding, XSLT, and XPath based transform 
 algorithms are specified as recommended or optional;" 
                                                    ^
                                        Period instead of semicolon.

###########################################################################
Section 3.3.1, Schema Definition:

"<element ref='Parameter' minOccurs='1' maxOccurs='1'/>"
                                     ^             ^
Should be replaced by the following since an Algorithm can have an 
arbitrary number of Parameters.

"<element ref='Parameter' minOccurs='0' maxOccurs='*'/>"

###########################################################################
Section 3.3.3, last paragraph:

"... (e.g. manifest, package, signature properties, document) ..."

Capitalize proper names:

"... (e.g. Manifest, Package, SignatureProperties, document) ...

BTW: Can anybody tell me what is the meaning of document? This is not
mentioned anywhere else in the draft.

###########################################################################
Section 3.4, Schema Definition and DTD of Element KeyInfo:

The content model is inconsistent:

Schema Definition:
"<group order='choice' minOccurs='1' maxOccurs='1'>"

DTD:
"(KeyName | KeyValue | SubjectName | RetrievalMethod | x509Data | PGPData 
 | MgmtData)*"

There are two possibilities:

a) KeyInfo can contain exactly one child element; then Schema Definition
   is OK and the asterisk has to be omited from the DTD

b) KeyInfo can be a repeated choice of its children; then maxOccurs must
   be changed to maxOccurs='*' in the Schema Definition and the asterisk
   must be replaced by a plus sign in the DTD.

###########################################################################
Section 3.4, Schema Definition Element X509Data:

The Schema Definition contradicts the textual description:

Schema Definition:
"<element name='X509Certificate' type='string' minOccurs='0' maxOccurs='1'/>"

Textual description:
"X509Data contains ... an optional collection of certificates  ..."

I think the textual description is correct, so the Schema Definition should
be updated with:

"<element name='X509Certificate' type='string' minOccurs='0' maxOccurs='*'/>"

###########################################################################
Section 3.4, DTD content model for Element X509Data:

The DTD content model contradicts both the textual description and the 
Schema Definition:

"((X509IssuerSerial | X509SKI | X509Name),(X509Certificate | X509CRL)*)"

Complying with the suggested error correction above the content model should
be replaced as follows:

"((X509IssuerSerial | X509SKI | X509Name), X509Certificate*, X509CRL?)"

###########################################################################
Section 3.5, Schema vs. DTD content model for Element Object:

Schema:
"<type content='mixed'>"

DTD:
"<!ELEMENT Object ANY>"

The mixed content model is expressed by the attribute value 'mixed' in
Schema and by the keyword "#PCDATA" in a DTD. So please change DTD part with

"<!ELEMENT Object #PCDATA>"

###########################################################################
Section 3.5, DTD comment:

"<!-- Where type and encoding CDATA conforms to the 
      productions specified by [URI] -->"

Attribute names Type and Encoding have to be capitalized.

###########################################################################
Section 4.1, DTD:

The content models of elements Manifest and Package are currently:

"( (Reference | Object )+ )"

In order to comply with both the Schema definition and the corresponding
sections in chapter 2 both models should be replaced with 

"( Reference+, Object* )"

###########################################################################
Section 4.2, Schema vs. DTD content model for Element SignatureProperty:

a) DTD content model for SignatureProperies is currently:

    "<!ELEMENT SignatureProperties SignatureProperty >"

and should be replaced with

    "<!ELEMENT SignatureProperties SignatureProperty+ >"

b)  DTD content model for SignatureProperty is currently:

    "<!ELEMENT SignatureProperty ANY >"

and should be replaced with

    "<!ELEMENT SignatureProperty #PCDATA >"

(same as with content model for element Object).

###########################################################################
Section 5.4.1, Schema and DTD:

Since the key values refer to the algorithm (DSA) and not to the standard
(DSS) I suggest to rename the element name from

    "<element name='DSSKeyValue'>" and 
    "<!ELEMENT DssKeyValue (P, Q, G, Y, J?, (seed, pgenCounter)?) >"

into 

    "<element name='DSAKeyValue'>" and 
    "<!ELEMENT DSAKeyValue (P, Q, G, Y, J?, (seed, pgenCounter)?) >"

BTW: Currently the element names are different in Schema and DTD
     (DSSKeyValue and DssKeyValue respectively).

<###########################################################################
Section 5.5.3, last sentence:

"The normative specificatin of Canonical XML is [XML-c14n]." 
                          ^
                          typo

<###########################################################################
Section 9, example code:

a) Transforms can only contain Transform elements, so please change

    "<Encoding Algorithm="http://www.w3.org/2000/01/xmldsig/base64"/>"

into

    "<Transform Algorithm="http://www.w3.org/2000/01/xmldsig/base64"/>" 

b) Transforms can only contain Transform elements, so please change

    "<CanonicalizationMethod Name="http://www ... "/>"

into

    "<Transform Algorithm="http://www ... "/>"

c) Capitalize Type attribute of element Object

d) Change element name <keyname> into <KeyName> in element KeyInfo

 
Gregor
-- 
---------------------------------------------------------------
Gregor Karlinger
mailto://gregor.karlinger@iaik.at
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------
Received on Wednesday, 12 January 2000 05:08:24 UTC