[xmlsec] Signature in different namespace

G. Ken Holman gkholman at CraneSoftwrights.com
Mon Oct 15 15:10:30 PDT 2012

At 2012-10-15 23:51 +0200, Simon Josefsson wrote:
>Interesting -- thank you for your insight.  How should XMLDsig be
>referenced in XML Schemas?  I suppose you are saying that the following
>approach used by PSKC is incorrect?
>      <xs:complexType name="KeyContainerType">
>           <xs:sequence>
>                <xs:element name="Signature"
>                     type="ds:SignatureType" minOccurs="0"/>

You would need to reference the Signature element declared in the 
XMLDsig schema fragment, not create your own element.  If the above 
is used somewhere, I believe it is being done incorrectly.

This is how I wrote the schema for OASIS UBL that incorporates ds:Signature:


<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    <!-- ===== Incorporate W3C signature specification-->
    <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#"

    <!-- ===== Element Declarations ===== -->
    <xsd:element name="SignatureInformation"

    <!-- ===== Type Definitions ===== -->
    <xsd:complexType name="SignatureInformationType">
        <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
              <ccts:Definition>This is a single digital signature as 
defined by the W3C specification.</ccts:Definition>

I hope this helps.

. . . . . . . . . . Ken

Contact us for world-wide XML consulting and instructor-led training
Free 5-hour lecture: http://www.CraneSoftwrights.com/links/udemy.htm
Crane Softwrights Ltd.            http://www.CraneSoftwrights.com/z/
G. Ken Holman                   mailto:gkholman at CraneSoftwrights.com
Google+ profile: https://plus.google.com/116832879756988317389/about
Legal business disclaimers:    http://www.CraneSoftwrights.com/legal

More information about the xmlsec mailing list