A posting from Xavier Orri (Octalis SA, Belgium) announces the submission of an informational Internet Draft document on "SPKI-XML Certificate Structure." The schema design takes an approach intentionally different than that of J. Paajarvi in "XML Encoding of SPKI Certificates" (March 2000). The authors' goal in the document "is to promote a discussion within the XML and SPKI community of the subject of XML encoding of SPKI certificates, to receive comments and feedback, and to further evolve it until there is something really solid and agreed upon. The draft document presents an schema in detail for SPKI, and discusses the transcoding from and to S-Expressions; it also addresses some open issues that need to be further discussed with the XML and SPKI community. A principal objective in specifying the XML Schema has been to follow as much as possible the syntax and semantics defined by SPKI; the main goal was not that of defining an XML Schema for certification, but rather defining an XML Schema for the XML encoding of SPKI certificates such that transcoding from and to S-expressions is simple, using standard tools whenever possible." A corresponding XML DTD is also provided in the submission.
Bibliographic information: SPKI-XML Certificate Structure. IETF Internet Draft. Edited by Joan-Maria Mas Ribes and Xavier Orri Sainz de los Terreros. Reference: 'draft-orri-spki-xml-cert-struc-00.txt'. Date: November 2001, expires May 2002. Category: Informational. 93 pages.
From the draft of 'SPKI-XML Certificate Structure':
This draft suggests a standard form for transforming SPKI certificates encoded using S-expressions from and to XML documents. We present a XML Schema for the encoding and validation of SPKI certificates and other SPKI objects such as sequences and ACLs, and discuss different possibilities for the transformation of S- expressions into an XML document and vice-versa. The XML Schema is based on the [IETF Draft] "SPKI Certificate Structure". The main emphasis of this document is on the encoding of all SPKI constructs under XML. Additionally, this draft provides a short discussion on specific possibilities for the transformation of S- expression encoded certificates to and from XML encoded certificates. The SPKI Certificate Theory is explained in RFC2693; it is not the intention or the objective of this document to address certificate design issues.
This document represents a continuation to some, a different approach to others, of the work initiated by J. Paajarvi relative to the XML encoding of SPKI certificates in [PAAJ = "XML Encoding of SPKI Certificates," March 2000]. The authors feel both initiatives share the same goal, but take different approaches. The work in this document is based on XML Schemas instead of DTDs. [PAAJ] defines a DTD that somewhat "breaks" the syntax as defined in SPKI and make the trans-coding from/to XML to/from S-expressions rather complex. In the present document this trans-coding was one of the design goals. Furthermore, [PAAJ] is based on XML digital signatures as defined in ["XML-Signature Syntax and Processing"]. The authors do not believe this is the best approach in this case.
The first sections of this document and its structure match that of the SPKI Certificate Structure (SPKI) as much as possible. Our intention is to facilitate the reading of this document to those already familiarized with the specification of SPKI certificates.
Principal references:
- SPKI-XML Certificate Structure. Internet Draft 'draft-orri-spki-xml-cert-struc-00.txt'
- IETF Simple Public Key Infrastructure Working Group
- Simple Public Key Certificate. IETF Internet Draft 'draft-ietf-spki-cert-structure-06.txt'.
- SPKI/SDSI Certificates. Resources maintained by Carl M. Ellison
- Transformation from S-expressions to XML documents. Code and examples from C. M. Ellison. [cache]
- Contact: Xavier Orri (Octalis SA, Belgium)
- "XML Encoding of SPKI Certificates" - Main reference page.