
Re: OCSP-X vs SCVP



David,
I will try to explain this in another way.

<snip>

> In contrast, I don't see how an XML schema, whether it is local/global/
> application/whatever, can communicate anything more about the semantics
> of a message (how it is to be acted upon) than can an ASN.1 type
> definition

<snip>

If my interpretation of the AC draft is correct, as well as my understanding that ASN.1 does
not support a schema/DTD, the following is one of *many* reasons why XML DTD/Schemas
*would* make a difference if applied to ACs:

PKIX AC profile: A *single* definition for all possible AC application profiles

"Possible" XML-AC profile: Generic schema-defined header + application-specific schema for the actual
profile (the attributes). 
An AC app is unlikely to bother about more than a few such application-specific schemas.
Most only understand one.  A typical AC app simply rejects an unknown schema.
The major part of the work is therefore done by the XML parser, so the
application knows exactly (based on the encountered schema having implicit semantics) what to
process instead of doing its own pattern matching and data filtering.  With XML schemas you
would typically specify a 1-to-1 fit with an application instead of "trying to be smart" and making
just about everything OPTIONAL, CHOICE, critical, non-critical etc.

===========================================================
If the ASN.1-AC approach (due to lack of schema) had been applied to BizTalk
(an XML-based business-message framework), there would be a single definition
("business message profile") that would have had optional constructs for all kinds of
business messages.  That would not have worked as it would be impossible to get
consensus, and would also have put an enormous burden on application developers.
===========================================================

I.e. IMO you SHOULD NOT structure things the same way when you have schemas
as you (are forced to) do in ASN.1.  If you do, you could [almost] equally well stay with
ASN.1 as it is comparable with XML at the element level.

Anders
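
The dispatch pattern described in the message above, as an added example that is not part of the original post: a generic header plus one application-specific profile, with unknown profiles rejected outright. The namespaces, element names and the `DoorAccess` profile are hypothetical, a plain content model stands in for a real schema validator, and signature verification is not shown.

```python
import xml.etree.ElementTree as ET

HDR = "urn:example:xml-ac:header"        # hypothetical generic header namespace
DOOR = "urn:example:xml-ac:door-access"  # hypothetical application profile namespace

# The one profile this application understands: required child -> type.
# A plain content model stands in here for a real schema validator.
PROFILES = {f"{{{DOOR}}}DoorAccess": {"building": str, "floor": int}}

class RejectedAC(Exception):
    pass

def parse_ac(xml_text):
    """Return (holder, attributes) or raise RejectedAC."""
    root = ET.fromstring(xml_text)
    holder = root.findtext(f"{{{HDR}}}Holder")
    body = root.find(f"{{{HDR}}}Attributes")
    if root.tag != f"{{{HDR}}}AttributeCertificate" or holder is None:
        raise RejectedAC("generic header does not match")
    if body is None or len(body) != 1:
        raise RejectedAC("expected exactly one attribute profile")
    profile = body[0]
    model = PROFILES.get(profile.tag)
    if model is None:  # unknown schema: reject, do not guess
        raise RejectedAC(f"unknown profile {profile.tag}")
    ns = profile.tag[1:].split("}")[0]
    if sorted(c.tag for c in profile) != sorted(f"{{{ns}}}{n}" for n in model):
        raise RejectedAC("content is not a 1-to-1 fit with the profile")
    try:
        attrs = {c.tag.split("}")[1]: model[c.tag.split("}")[1]]((c.text or "").strip())
                 for c in profile}
    except ValueError as exc:
        raise RejectedAC(f"bad value: {exc}") from None
    return holder, attrs

def accepts(xml_text):
    try:
        parse_ac(xml_text)
        return True
    except (RejectedAC, ET.ParseError):
        return False

# Constructed sample certificates.
KNOWN = """<ac:AttributeCertificate xmlns:ac="urn:example:xml-ac:header">
  <ac:Holder>CN=Alice</ac:Holder>
  <ac:Attributes><d:DoorAccess xmlns:d="urn:example:xml-ac:door-access">
    <d:building>HQ</d:building><d:floor>3</d:floor>
  </d:DoorAccess></ac:Attributes>
</ac:AttributeCertificate>"""
UNKNOWN = KNOWN.replace("door-access", "payroll")  # profile this app does not know
EXTRA = KNOWN.replace("<d:floor>", "<d:admin>yes</d:admin><d:floor>")  # undeclared element
```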