empty KeyInfo, etc. from merlin on 2001-03-05 (w3c-ietf-xmldsig@w3.org from January to March 2001)

From: merlin <merlin@baltimore.ie>
Date: Mon, 05 Mar 2001 10:19:26 +0000
To: w3c-ietf-xmldsig@w3.org
Message-Id: <20010305101926.E942E440FB@yog-sothoth.ie.baltimore.com>

Hi,

I have one express dislike and a few trivial clarity concerns with
some of our schema defs, all related to the use of minOccurs and
maxOccurs:

These comments are based on the standingless
http://www.w3.org/Signature/Drafts/xmldsig-core/Overview.html

4.4 KeyInfo

<complexType name="KeyInfoType" mixed="true">
  <choice maxOccurs="unbounded">     
    <element name="KeyName" type="string"/> 
    ...
    <any ... namespace="##other" minOccurs="0" maxOccurs="unbounded"/> 
  </choice>
  ...
</complexType>
                    
This permits an empty KeyInfo (if you have 0 elements from
##other). It seems to me that if we took minOccurs=0 and
maxOccurs=unb away from the any, then the unlimit on the
choice would permit exactly what we want to express: 1 or
more elements among our permitted types and those of others.

This is consistent with the new X509DataType, etc.

Other issues:

4.3.2 SignatureMethodType

The minOccurs=0/maxOccurs=1 on the sequence are redundant.

4.3.3.4 TransformType

The maxOccurs=unb on the choice is redundant or in error?
It suggests that multiple XSLT or XPath elements are valid.

4.4.6 SPKIData

The maxOccurs=unb on the outer sequence allows multiple
SPKISexp elements, which I don't believe is the intention.
I think instead the any should get that maxOccurs.

4.5/5.1 Object/Manifest

ObjectType has sequence+[any], where ManifestType has
sequence[any+]; I think the latter is more consistent with
the rest of the doc.

5.2 SignatureProperties

SignatureProperType has choice*[any*]; one of the * is
redundant.

merlin


-----------------------------------------------------------------------------
Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

In addition, certain Marketing collateral may be added from time to time to
promote Baltimore Technologies products, services, Global e-Security or
appearance at trade shows and conferences.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
   http://www.baltimore.com

Received on Monday, 5 March 2001 05:19:53 UTC