OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: issues with Holder of Key metadata schema

As mentioned to Scott, here are a couple of things I turned up by opening the sstc-saml-holder-of-key-browser-sso schema in an XML-aware editor.  They are both in the only substantive line in the schema:

 <xs:attribute name="ProtocolBinding" type="anyURI" use="optional"/>

Problem 1 is that the type="anyURI" refers to a type "anyURI" in the default namespace, which isn't defined.  It needs to be "xs:anyURI" to be valid.  I think this one may have become invalid due to a change of namespace conventions at some point during the schema's development.

Problem 2 is that the "use" attribute must not appear on a global declaration (i.e., one whose parent is <xs:schema>; it just makes no sense there as occurrence constraints only make sense in particular contexts.)  I'm finding it quite hard to find the normative language to support this, but there are random mentions of this restriction in various places in XML Schema documents.

This line appears in the spec, so I guess these issues apply to the spec as well as just the schema file.

This is what I've changed my local copy of the schema to:

 <xs:attribute name="ProtocolBinding" type="xs:anyURI"/>

	-- Ian

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]