KeyInfo: sequence or choice from Joseph M. Reagle Jr. on 2001-03-07 (w3c-ietf-xmldsig@w3.org from January to March 2001)

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Wed, 07 Mar 2001 15:18:06 -0500
To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Message-Id: <4.3.2.7.2.20010307151152.02063200@rpcp.mit.edu>

As already mentioned, the definition of ds:KeyInfo uses a (1,unbounded) 
choices over mandatory elements to emulate an unordered set of optional 
elements. On hindsight this appears to be a bad choice for a couple reasons. 
First, it can make derivations difficult as the optionality can not be 
easily constrained since it is "simulated." Second, I thought an unordered 
list was preferable but now it seems preferable to know when you are going 
to see these elements (e.g., what's the point of having these things in a 
random order, particularly elements from an external namespace). Third, with 
our present approach of using choice, I can't think of a way to constrain 
KeyValue to occurring once. (See examples below of how this can be 
expressed). The only down side is that this sort of structure permits and 
empty KeyInfo, which Merlin just suggested a fix for given use of "choice."

Any thoughts?

__

<element name="KeyInfo" type="ds:KeyInfoType"/>
<complexType name="KeyInfoType" mixed="true">
   <sequence>
     <element ref="ds:KeyName" minOccurs="0" maxOccurs="unbounded"/>
     <element ref="ds:KeyValue" minOccurs="0" maxOccurs="1"/>
     <element ref="ds:RetrievalMethod" minOccurs="0" maxOccurs="unbounded"/>
     <element ref="ds:MgmtData" minOccurs="0" maxOccurs="unbounded"/>
     <element ref="ds:PGPData" minOccurs="0" maxOccurs="unbounded"/>
     <element ref="ds:SPKIData" minOccurs="0" maxOccurs="unbounded"/>
     <element ref="ds:X509Data" minOccurs="0" maxOccurs="unbounded"/>
     <any processContents="lax" namespace="##other" minOccurs="0" 
maxOccurs="unbounded"/>
     <!-- (0,unbounded) elements from (0,unbounded) namespaces -->
   </sequence>
   <attribute name="Id" type="ID" use="optional"/>
</complexType>


    <!ELEMENT KeyInfo	(#PCDATA|KeyName*|KeyValue?|RetrievalMethod*|
                X509Data*|PGPData*|SPKIData*|MgmtData* %KeyInfo.ANY;) >
    <!ATTLIST KeyInfo
    	Id	ID	#IMPLIED >

[1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001JanMar/0122.html

__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Wednesday, 7 March 2001 15:21:14 UTC