
Re: OCSP-X vs SCVP
>But if you only consider the technical aspects
>then XML (markup) is only a textual transfer
>syntax and DER is a binary transfer syntax.

I disagree, and that was the point of my note: XML-Schema is like ASN.1
Listing a datatype from the XML Digital Signature spec, a "Manifest"
is a set of "References" and may have an identifier:
	<Manifest ID="rsalz.com:my-list-of-tbs-data">
	    <Reference>...</Reference>
	    ...
	</Manifest>

I can describe that in ASN.1:
	Reference ::= SEQUENCE { ... }
	Manifest ::= SEQUENCE {
	    references  SEQUENCE OF Reference,   -- component names must start lowercase
	    id          [0] EXPLICIT ID OPTIONAL
	}

and I can describe that in XMLSchema:
	<element name="Reference"> ... </element>
	<element name="Manifest">
	    <complexType>
		<sequence>
		    <element ref="ds:Reference" maxOccurs="unbounded"/>
		</sequence>
		<attribute name="Id" type="ID" use="optional"/>
	    </complexType>
	</element>

Certainly ASN.1 is older and parts are more stable, but it's also growing
(and has grown -- PKIX1Explicit88, e.g.).  So is XMLSchema.  For the
purposes of comparison, let's just call them equivalent.

>If there were but one XML schema life would 
>be easy. But there are many XML schema, and 
>more seem to be popping up in various XML
>communities.

That makes no more sense than saying there should be but one ASN.1 module.

I'm not advocating that the IETF, the Security Area or the PKIX WG "use"
XML (for some definition of use).  I am trying to show that the XML
communities are working to define *everything* needed to describe and
exchange data.  It might not make sense to use it -- I personally
see little point in rewriting X.509v3 datatypes in XML-Schema -- but
we should be aware of what's going on for if/when we do decide to work
in that space.
	/r$
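To make the "equivalent description" argument concrete, here is an added example (not part of the original message or of any IETF spec) that encodes the same abstract Manifest value both as DER following the ASN.1 module above and as XML following the schema, and decodes each back. It assumes, since the post elides it, that Reference is SEQUENCE { uri IA5String } and that ID is an IA5String; the DER reader also rejects non-minimal lengths, the kind of check a decoder needs regardless of transfer syntax.

```python
import xml.etree.ElementTree as ET
# Assumed, not in the post: Reference ::= SEQUENCE { uri IA5String }, ID ::= IA5String
def der_len(n):
    if n < 0x80:                       # short form
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b  # minimal long form
def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body
def read_tlv(buf, pos=0):
    # returns (tag, value, next_pos); rejects a long-form length that fits the short form
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        if k == 0 or (k == 1 and n < 0x80):
            raise ValueError("non-minimal DER length")
        pos += k
    return tag, buf[pos:pos + n], pos + n

def manifest_to_der(refs, manifest_id=None):
    # references SEQUENCE OF Reference, each Reference a SEQUENCE holding one IA5String
    body = tlv(0x30, b"".join(tlv(0x30, tlv(0x16, r.encode("ascii"))) for r in refs))
    if manifest_id is not None:            # id [0] EXPLICIT ID OPTIONAL
        body += tlv(0xA0, tlv(0x16, manifest_id.encode("ascii")))
    return tlv(0x30, body)

def manifest_from_der(buf):
    tag, body, end = read_tlv(buf)
    if tag != 0x30 or end != len(buf):
        raise ValueError("not a single Manifest SEQUENCE")
    _, refs_body, pos = read_tlv(body)
    refs, p = [], 0
    while p < len(refs_body):
        _, ref, p = read_tlv(refs_body, p)
        refs.append(read_tlv(ref)[1].decode("ascii"))
    manifest_id = None
    if pos < len(body):                    # the OPTIONAL [0] wrapper, if present
        tag, wrapped, pos = read_tlv(body, pos)
        if tag != 0xA0:
            raise ValueError("unexpected trailing element")
        manifest_id = read_tlv(wrapped)[1].decode("ascii")
    return refs, manifest_id

def manifest_to_xml(refs, manifest_id=None):
    m = ET.Element("Manifest")
    if manifest_id is not None:            # attribute Id, use="optional"
        m.set("Id", manifest_id)
    for r in refs:                         # ds:Reference, maxOccurs="unbounded"
        ET.SubElement(m, "Reference", URI=r)
    return ET.tostring(m, encoding="unicode")

def manifest_from_xml(text):
    m = ET.fromstring(text)
    return [e.get("URI") for e in m.findall("Reference")], m.get("Id")
```

Both round trips yield the same (references, id) tuple, which is the sense in which the two schema languages describe one abstract type.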