Commit 839412fd authored by Peter Waher

Legal identities

parent bdac45af
......@@ -130,7 +130,8 @@ purposes.
<xs:documentation>Signature of the identity.</xs:documentation>
<xs:documentation>The signature is calculated on the identity element excluding the signature attributes.</xs:documentation>
<xs:documentation>All text nodes contain normalized Unicode text (in NFC).</xs:documentation>
<xs:documentation>The normalized XML is UTF-8 encoded before being signed.</xs:documentation>
<xs:documentation>XML is normalized. Unnecessary white space removed. Space characters only allowed whitespace. </xs:documentation>
<xs:documentation>The normalized XML, with atttibutes in alphabetical order, using double quotes, and no space when ending empty element, is UTF-8 encoded before being signed.</xs:documentation>
<xs:documentation>Note: The signature is just the first method to authenticate a legal identity. Using the identifier and the signature, the client can validate the registration is valid and up-to-date.</xs:documentation>
</xs:annotation>
</xs:attributeGroup>
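Review bot: The canonical form described in the documentation lines on normalization is not specified tightly enough for a signer and a verifier to be sure of producing the same bytes. "attributes in alphabetical order" does not say whether ordering is by qualified name or local name, which collation is used, or where xmlns declarations sort, and nothing is said about how characters such as &, < and " are escaped in attribute values and text nodes. "Space characters only allowed whitespace" also leaves open whether tabs and line breaks inside text nodes are rejected or converted to spaces. Suggest spelling these rules out, or referencing an existing canonicalization, and fixing the typo "atttibutes".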
......@@ -157,7 +158,7 @@ purposes.
<xs:attribute name='id' type='xs:string' use='optional'>
<xs:annotation>
<xs:documentation>An identifier assigned to the legal identity.</xs:documentation>
<xs:documentation>The identifier is unique within the scope of the Trust Anchor issuing it.</xs:documentation>
<xs:documentation>The identifier is formed as a JID, but is not a JID. The domain part corresponds to the domain of the Trust Anchor.</xs:documentation>
<xs:documentation>A client must not include an identifier when it applies for a legal identity pairing with the Trust Anchor.</xs:documentation>
</xs:annotation>
</xs:attribute>
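Review bot: "The identifier is formed as a JID, but is not a JID" is documentation only, since the id attribute is still type='xs:string' with no pattern, so a malformed identifier or one with a foreign domain part still validates against the schema. Suggest stating that the recipient must compare the domain part with the domain of the Trust Anchor that issued the identity, and what "formed as a JID" permits in the local part. If this line replaces the sentence on uniqueness within the scope of the Trust Anchor, consider keeping both, since they say different things.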
......@@ -196,8 +197,12 @@ purposes.
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:element name='challenge'>
<xs:annotation>
<xs:documentation>Element sent in an iq get by the Trust Anchor to a client presenting a set of public keys.</xs:documentation>
<xs:documentation>Expected response element if OK: response</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:simpleContent>
<xs:extension base='xs:base64Binary'>
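Review bot: The new annotation on the challenge element does not say what the base64 content must be. The response element's documentation calls it a "random challenge", but nothing here states that the value is randomly generated, what its minimum length is, or that the Trust Anchor must not reuse it across requests, which matters because the client signs it with every private key it has presented. Suggest adding a documentation line with those requirements next to "Expected response element if OK: response".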
......@@ -213,10 +218,53 @@ purposes.
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name='response'>
<xs:annotation>
<xs:documentation>Response element to a challenge. Contains signatures of the random challenge using the private keys corresponding to the public keys presented to the Trust Anchor.</xs:documentation>
<xs:documentation>All keys presented to the Trust Anchor must have a corresponding signature element in the response.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name='signature' minOccurs='1' maxOccurs='unbounded'>
<xs:annotation>
<xs:documentation>Contains one signature using one private-public key pair.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name='ref' type='xs:string' use='required'>
<xs:annotation>
<xs:documentation>Name of element used to present a public key to the Trust Anchor.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attributeGroup ref='e2:signatureAttributes'>
<xs:annotation>
<xs:documentation>Signature of the binary challenge using the corresponding private key.</xs:documentation>
</xs:annotation>
</xs:attributeGroup>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name='validate'>
<xs:annotation>
<xs:documentation>Sent by a client in an iq get to a Trust Anchor, to validate a Legal Identity.</xs:documentation>
<xs:documentation>Expected response element if OK: identity (containing the most recent version of the identity)</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref='identity'>
<xs:annotation>
<xs:documentation>The legal identity the client wishes to validate.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<!--
challenge/response
validate (id, jid, signatue), receive most recent identity if signature historical.
update key.
-->
</xs:schema>
\ No newline at end of file
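Review bot: In the response element, the ref attribute identifies a key only by "Name of element used to present a public key", which becomes ambiguous if a client presents two keys using the same element name. Suggest documenting whether that is allowed and, if so, how a signature is matched to its key. The rule "All keys presented to the Trust Anchor must have a corresponding signature element in the response" cannot be expressed by minOccurs='1' alone, so the documentation should say that the Trust Anchor rejects a response with a missing or unknown ref. The trailing XML comment reads as a to-do list and contains the typo "signatue"; consider moving it to an issue, and adding the missing newline at end of file.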