X509Data element from Kevin Regan on 2000-07-15 (w3c-ietf-xmldsig@w3.org from July to September 2000)

From: Kevin Regan <kevinr@valicert.com>
Date: Fri, 14 Jul 2000 21:22:56 -0700 (PDT)
To: w3c-ietf-xmldsig@w3.org
Message-id: <Pine.SOL.4.21.0007121602350.18317-100000@bugs.valicert.com>

The DTD does not seem to have been modified to reflect changes
in the XML Schema.  Here is the XML Schema and DTD:

<element name='X509Data'>
  <complexType content='elementOnly'>
    <choice minOccurs='1' maxOccurs='1'>
      <sequence minOccurs='1' maxOccurs='unbounded'>
        <choice minOccurs='1' maxOccurs='1'>
          <element ref='ds:X509IssuerSerial'/>
          <element name='X509SKI' type='ds:CryptoBinary'/>
          <element name='X509SubjectName' type='string'/> 
        </choice>
      </sequence>
      <element name='X509Certificate' type='ds:CryptoBinary' minOccurs='1'
maxOccurs='1'/>
      <element name='X509CRL' type='ds:CryptoBinary' minOccurs='1' 
maxOccurs='1'/>
    </choice>
  </complexType>
</element>

<!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName), 
                     X509Certificate*, X509CRL*)>

Shouldn't the DTD be something like:

<!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName)+ |
                    X509Certificate | X509CRL)>

There also seem to be other areas in which the DTD is out-of-date
when compared to the XML Schema.  I know that XML Schemas will be
a great tool and I will be moving to them as soon as I can.
However, at the moment, there is no 100% functional option
for XML Schemas.  Therefore, I'm guessing that the first implementations
of XML Signature will be with DTDs.  So, I think that as much
effort should be put into the DTD as is being put into the
XML Schema.

Sincerely,
Kevin Regan

Received on Saturday, 15 July 2000 00:23:07 UTC