[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Approach to code-signing profile
At 10:09 AM 1/20/2004 -0500, Paul Madsen wrote:
>[...]
>As it stands, the core schema does not appear to facilitate such extension
>as we use anonymous types and 'inline' the element definitions.
When we talked about profile-specific schemas earlier [1], we were thinking
that instead using derived types, it would be better to just "re-write" the
core schema to be more specific.
I.e., if you want to define a schema for a profile that doesn't allow
optional inputs, then you can just copy the core schema, and rewrite the
<SignRequest> without <OptionalInputs>, like:
<xs:element name="SignRequest">
<xs:complexType>
<xs:sequence>
<xs:element ref="dss:InputDocuments"/>
</xs:sequence>
<xs:attribute name="RequestID" type="xs:string" use="optional"/>
</xs:complexType>
</xs:element>
This has a couple advantages:
1) it lets you profile the core without the complexities of multiple
schema documents and derived types.
2) "looser typing" aids interoperability, since a client just has to send
a request with the right optional inputs, the client doesn't have to assign
a particular xsi:type to <OptionalInputs>.
To explain (2) better, there might be lots of profiles that return an
XML-DSIG, and only require the single optional input <ClaimedIdentity>. A
client implementation that only sends this single optional input would
automatically work with these different profiles. However, if the client
also had to indicate the correct derived type, such as <OptionalInputs
xsi:type="someprofile:ProfileOptionalInputsType">, then this would trip up
interoperability.
Trevor
[1] http://lists.oasis-open.org/archives/dss/200311/msg00075.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]