...

<xs:element name="Trust" type="TrustType" />
<xs:complexType name="TrustType">
  <xs:simpleContent>
    <xs:extension base="xs:base64Binary">
      <xs:attribute name="crl" type="xs:anyURI" use="optional" />
    </xs:extension>
  </xs:simpleContent>
</xs:complexType>

...


      <xs:attribute name="crlref" type="xs:IDREF" use="optional" />
      <xs:attribute name="ocsp" type="xs:anyURI" use="optional" />
      <xs:attribute name="ocspref" type="xs:IDREF" use="optional" />
    </xs:extension>
  </xs:simpleContent>
</xs:complexType>

The <Trust /> element represents a trusted certificate authority. The element contains a Base64-encoded certificate. The element may also contain a crl attribute defining a CRL URL or an ocsp attribute defining an OCSP URL.

Optionally, CRL and OCSP URLs can be defined in separate <CRL /> and <OCSP /> elements, as child elements for the <Trust /> element, and referred to by their id in the crlref and ocspref attributes of the <Trust /> element.

The <CRL /> and <OCSP /> elements

<xs:element name="CRL" type="CRLType" />
<xs:element name="OCSP" type="OCSPType" />
<xs:complexType name="CRLType">
  <xs:complexContent>
    <xs:extension base="PropertiesType">
      <xs:attribute name="uri" type="xs:anyURI" use="required" />
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
<xs:complexType name="OCSPType">
  <xs:complexContent>
    <xs:extension base="PropertiesType">
      <xs:attribute name="uri" type="xs:anyURI" use="required" />
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
<xs:complexType name="PropertiesType" abstract="true">
  <xs:sequence minOccurs="0" maxOccurs="unbounded">
    <xs:element name="Property" type="PropertyType" />
  </xs:sequence>
  <xs:attribute name="id" type="xs:ID" use="optional" />
</xs:complexType>
<xs:complexType name="PropertyType">
  <xs:simpleContent>
    <xs:extension base="xs:string">
      <xs:attribute name="name" type="xs:string" use="required" />
    </xs:extension>
  </xs:simpleContent>
</xs:complexType>

The <CRL /> and <OCSP /> elements represent a CRL endpoint and an OCSP endpoint. The endpoint URL is defined in the uri attribute and an identifier in the id attribute. The identifier can be used in a <Trust /> element as the value of the crlref or ocspref attribute to refer to the <CRL /> or <OCSP /> element.

For example:

<Trust ocspref="gspersonalsign2g2">MIIEVz...7H34U=</Trust>
<OCSP uri="http://ocsp2.globalsign.com/gspersonalsign2g2" id="gspersonalsign2g2"/>
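
The reference mechanism above, as an added Python example (not part of the original page or of the project's code): it resolves crlref and ocspref to endpoint URLs and reports references that schema validation alone does not catch, since xs:IDREF only requires that some xs:ID in the document matches, not that it sits on a <CRL /> or <OCSP /> element. Assumptions: the <Config> wrapper, the absence of a namespace, the ids and URLs, and the rule that an inline crl/ocsp attribute wins over a reference are all constructed for the example.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

# Constructed sample: wrapper element, ids and URLs are assumptions;
# the element content is placeholder bytes, not a real certificate.
_CERT = base64.b64encode(b"constructed placeholder, not a certificate").decode()
SAMPLE = f"""<Config>
  <Trust ocspref="ocsp1">{_CERT}</Trust>
  <Trust crl="http://crl.example.test/ca.crl">{_CERT}</Trust>
  <Trust crlref="ocsp1">{_CERT}</Trust>
  <Trust ocspref="missing">{_CERT}</Trust>
  <Trust>not base64!</Trust>
  <OCSP uri="http://ocsp.example.test/ca" id="ocsp1"/>
  <CRL uri="http://crl.example.test/ca2.crl" id="crl1"/>
</Config>"""

def resolve_trust(xml_text):
    """Return one dict per <Trust/>: resolved crl/ocsp URLs plus any problems."""
    root = ET.fromstring(xml_text)
    # Index elements by id, keeping the element so the target's tag can be checked.
    by_id = {e.get("id"): e for e in root.iter() if e.get("id")}
    results = []
    for trust in root.iter("Trust"):
        entry = {"crl": trust.get("crl"), "ocsp": trust.get("ocsp"), "problems": []}
        try:
            base64.b64decode("".join((trust.text or "").split()), validate=True)
        except (binascii.Error, ValueError):
            entry["problems"].append("content is not valid Base64")
        for attr, tag, key in (("crlref", "CRL", "crl"), ("ocspref", "OCSP", "ocsp")):
            ref = trust.get(attr)
            if ref is None:
                continue
            target = by_id.get(ref)
            if target is None:
                entry["problems"].append(f"{attr}={ref!r} matches no id")
            elif target.tag != tag:
                # An IDREF is satisfied by any matching ID, whatever element carries it.
                entry["problems"].append(f"{attr}={ref!r} points at <{target.tag}/>, expected <{tag}/>")
            else:
                # Assumption: an inline crl/ocsp attribute takes precedence.
                entry[key] = entry[key] or target.get("uri")
        if not (entry["crl"] or entry["ocsp"]):
            entry["problems"].append("no revocation endpoint defined")
        results.append(entry)
    return results

if __name__ == "__main__":
    for r in resolve_trust(SAMPLE):
        print(r)
```
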

The <Subject /> element

<xs:element name="Subject" type="SubjectType" />
<xs:complexType name="SubjectType">
  <xs:attribute name="KeyInfoConfirmationData" type="xs:boolean" />
</xs:complexType>

...