Make it easy to create signable schemas (was: Re: XML Signature WG's review of XML Schema)

[This is herewith submitted as a personal last-call
comment to XML Schemas.]

Hello Joseph,

This review deals with the suitability of XML Schema to describe
the constructs used in XML-DSig (Schema/DTD).

What is missing, and what I would hope the XML DSig group could
contribute significantly to, is some kind of analysis e.g. with
respect of what potentials and problems XML Schema offers with
regards to describing data that can easily be signed. Two examples:

- Because the 'boolean' datatype has four lexical values (true, false,
   1, 0; this is in the spec, no kidding) instead of two lexical values,
   that means that additional effort (at least) is necessary if somebody
   wants to create a schema for some data containing boolean values.

- If there is some way to express that elements of the same type
   have to appear in a certain order (don't know whether this is in
   the spec or not), this will also help to create schemata that can
   be used to validate data and then feed that data into XML DSig
   without any or without much processing.

In other words, try to make sure that for appropriately designed
XML Schemas, no additional 'data canonicalization' step is necessary
to sign some data.

What do the DSig experts in this group think about such issues.

Regards,   Martin.



At 00/05/10 12:48 -0400, Joseph M. Reagle Jr. wrote:
>http://www.w3.org/Signature/2000/05/03-schema-review.html
>
>    The XML Signature WG thanks the XML Schema WG for their work and the
>    opportunity to review the last call Working Draft [1].  This comment
>    does not address the ease of implementation but only whether the
>    functionality as specified meets our requirements. To that end, the
>    last call specification easily meets our requirements. In particular,
>    the content types (elementOnly | empty | mixed | textOnly) and the
>    Wildecard Schema Component <ANY/> are very useful for dealing with
>    mixed content scenarios which are common to the signature domain. In
>    time, the type extension capabilities might be a useful feature in
>    constructing other cryptographic (key and certificate) syntaxes but we
>    are presently not employing these typing features.
>
>    Since the XML Signature specification should enter the W3C
>    Recommendation and IETF Standard tracks soon, we ask that the schema
>    WG give priority to the need for a stabilized syntax and for
>    expediently advancing the schema specification towards Recommendation.
>
>    Joseph Reagle, on behalf of the XML Signature WG
>
>    [1]
>       http://www.w3.org/TR/2000/WD-xmlschema-0-20000407/
>       http://www.w3.org/TR/2000/WD-xmlschema-1-20000407/
>       http://www.w3.org/TR/2000/WD-xmlschema-2-20000407/
>
>_________________________________________________________
>Joseph Reagle Jr.
>W3C Policy Analyst                mailto:reagle@w3.org
>IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/

Received on Thursday, 11 May 2000 03:54:25 UTC