Re: [xmlsec] Signature in different namespace

Mon, 15 Oct 2012 15:10:49 -0700 

At 2012-10-15 23:51 +0200, Simon Josefsson wrote:

Interesting -- thank you for your insight.  How should XMLDsig be
referenced in XML Schemas?  I suppose you are saying that the following
approach used by PSKC is incorrect?

     <xs:complexType name="KeyContainerType">
          <xs:sequence>
...
               <xs:element name="Signature"
                    type="ds:SignatureType" minOccurs="0"/>
You would need to reference the Signature element declared in the XMLDsig schema fragment, not create your own element. If the above is used somewhere, I believe it is being done incorrectly. 

This is how I wrote the schema for OASIS UBL that incorporates ds:Signature:

http://docs.oasis-open.org/ubl/prd2-UBL-2.1/xsd/common/UBL-SignatureAggregateComponents-2.1.xsd

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema";
            xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
            targetNamespace=...
   ...
   <!-- ===== Incorporate W3C signature specification-->
   <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#";
               schemaLocation="UBL-xmldsig-core-schema-2.1.xsd"/>

   <!-- ===== Element Declarations ===== -->
   <xsd:element name="SignatureInformation"
                type="SignatureInformationType"/>

   <!-- ===== Type Definitions ===== -->
   <xsd:complexType name="SignatureInformationType">
     ...
     <xsd:sequence>
       ...
       <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
         <xsd:annotation>
           <xsd:documentation>
<ccts:Definition>This is a single digital signature as defined by the W3C specification.</ccts:Definition> 
           </xsd:documentation>
         </xsd:annotation>
       </xsd:element>
     </xsd:sequence>
   </xsd:complexType>
</xsd:schema>


I hope this helps.

. . . . . . . . . . Ken

--
Contact us for world-wide XML consulting and instructor-led training
Free 5-hour lecture: http://www.CraneSoftwrights.com/links/udemy.htm
Crane Softwrights Ltd.            http://www.CraneSoftwrights.com/z/
G. Ken Holman                   mailto:[email protected]
Google+ profile: https://plus.google.com/116832879756988317389/about
Legal business disclaimers:    http://www.CraneSoftwrights.com/legal

_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to