[xmlsec] Signature in different namespace

G. Ken Holman gkholman at CraneSoftwrights.com
Mon Oct 15 15:10:30 PDT 2012 

At 2012-10-15 23:51 +0200, Simon Josefsson wrote:
>Interesting -- thank you for your insight.  How should XMLDsig be
>referenced in XML Schemas?  I suppose you are saying that the following
>approach used by PSKC is incorrect?
>
>      <xs:complexType name="KeyContainerType">
>           <xs:sequence>
>...
>                <xs:element name="Signature"
>                     type="ds:SignatureType" minOccurs="0"/>

You would need to reference the Signature element declared in the 
XMLDsig schema fragment, not create your own element.  If the above 
is used somewhere, I believe it is being done incorrectly.

This is how I wrote the schema for OASIS UBL that incorporates ds:Signature:

http://docs.oasis-open.org/ubl/prd2-UBL-2.1/xsd/common/UBL-SignatureAggregateComponents-2.1.xsd

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
             xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
             targetNamespace=...
    ...
    <!-- ===== Incorporate W3C signature specification-->
    <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#"
                schemaLocation="UBL-xmldsig-core-schema-2.1.xsd"/>

    <!-- ===== Element Declarations ===== -->
    <xsd:element name="SignatureInformation"
                 type="SignatureInformationType"/>

    <!-- ===== Type Definitions ===== -->
    <xsd:complexType name="SignatureInformationType">
      ...
      <xsd:sequence>
        ...
        <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
          <xsd:annotation>
            <xsd:documentation>
              <ccts:Definition>This is a single digital signature as 
defined by the W3C specification.</ccts:Definition>
            </xsd:documentation>
          </xsd:annotation>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
</xsd:schema>


I hope this helps.

. . . . . . . . . . Ken

--
Contact us for world-wide XML consulting and instructor-led training
Free 5-hour lecture: http://www.CraneSoftwrights.com/links/udemy.htm
Crane Softwrights Ltd.            http://www.CraneSoftwrights.com/z/
G. Ken Holman                   mailto:gkholman at CraneSoftwrights.com
Google+ profile: https://plus.google.com/116832879756988317389/about
Legal business disclaimers:    http://www.CraneSoftwrights.com/legal

More information about the xmlsec mailing list