OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-cppa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Should the declarations for HashFunction, EncryptionAlgorithm,SignatureAlgorithm be made extensible?

In the 1.0 CPPA spec (lines 3116 to 3118), we have the following declarations:
 
    <element name="HashFunction" type="string"/>
    <element name="EncryptionAlgorithm" type="string"/>
    <element name="SignatureAlgorithm" type="string"/>
 
On the other hand, the April 19, 2001 W3C Candidate Recommendation of XML-Signature shows:

   <element name="SignatureMethod" type="ds:SignatureMethodType"/>
   <complexType name="SignatureMethodType" mixed="true">
     <sequence>
       <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
       <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
       <!-- (0,unbounded) elements from (1,1) external namespace -->
      </sequence>
    <attribute name="Algorithm" type="anyURI" use="required"/>
   </complexType>
 
This means that the SignatureMethod element in XML-Signature may have an optional HMACOutputLength sub-element plus 0 or more wildcard elements from other namespaces. Shouldn't SignatureAlgorithm be defined in the CPPA spec accordingly?
 
Likewise, I think it may be useful to allow wildcard attributes/sub-elements in the declaration of HashFunction and EncryptionAlgorithm to provide for the specification of properties like encryption strength.
 
In addition, the following sentence on lines 874-876 does not seem to make sense:
 
"As an alternative to the string value of the ds:DigestMethod, shown in the above example, the child element, ds:HMACOutputLength, with a string value, MAY be used."
 
It does not correspond to the example on lines 811-814 (which in itself seems erroneous, the HMACOutputLength should be a number, not a string) or to the schema definition of ds:DigestMethod in XML-Signature:
 
   <element name="DigestMethod" type="ds:DigestMethodType"/>
   <complexType name="DigestMethodType" mixed="true">
     <sequence>
       <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
     </sequence>   
     <attribute name="Algorithm" type="anyURI" use="required"/>
   </complexType>
 
According to the above definition, any sub-element under DigestMethod would have to come from some other namespace!
-Arvola
 
Arvola Chan (arvola@tibco.com)
TIBCO Software (on loan to RosettaNet)
+1-650-846-5046 (US-Pacific)

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC