author | leifj <leifj@0878fbc5-a6f2-46f6-b174-cb7b08c221d1> | 2009-04-07 21:36:59 +0000 |
---|---|---|
committer | leifj <leifj@0878fbc5-a6f2-46f6-b174-cb7b08c221d1> | 2009-04-07 21:36:59 +0000 |
commit | 7f9d445fa14f0605426e8b4825a493dacaab6f77 (patch) | |
tree | adfe1bb6e0f833f58b7f13ea5821ed868e3f776d /schema/shibboleth-trust-1.0.xsd | |
parent | c5dda43a8f95976409412c12e9e8a46248524794 (diff) |
test and schema
git-svn-id: svn+ssh://svn.it.su.se/svn/swamid-metadata/trunk@101 0878fbc5-a6f2-46f6-b174-cb7b08c221d1
Diffstat (limited to 'schema/shibboleth-trust-1.0.xsd')
-rw-r--r-- | schema/shibboleth-trust-1.0.xsd | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/schema/shibboleth-trust-1.0.xsd b/schema/shibboleth-trust-1.0.xsd
new file mode 100644
index 00000000..0e603a5b
--- /dev/null
+++ b/schema/shibboleth-trust-1.0.xsd
@@ -0,0 +1,60 @@
+<schema targetNamespace="urn:mace:shibboleth:trust:1.0"
+ xmlns="http://www.w3.org/2001/XMLSchema"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:trust="urn:mace:shibboleth:trust:1.0"
+ elementFormDefault="unqualified"
+ attributeFormDefault="unqualified"
+ version="1.0">
+
+ <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+
+ <annotation>
+ <documentation>
+ Trust metadata binds keys or authority lists to system entities.
+ The metadata consumer is responsible for associating the names of system entities
+ to the application context in an appropriate way.
+ </documentation>
+ </annotation>
+
+ <element name="Trust">
+ <annotation>
+ <documentation>
+ An optionally signed collection of trust binding elements.
+ ds:KeyInfo is by definition a binding of a key to a specific entity,
+ which may be specified in various ways such as KeyName or X509SubjectName.
+ </documentation>
+ </annotation>
+ <complexType>
+ <sequence>
+ <choice maxOccurs="unbounded">
+ <element ref="ds:KeyInfo"/>
+ <element ref="trust:KeyAuthority"/>
+ </choice>
+ <element ref="ds:Signature" minOccurs="0"/>
+ </sequence>
+ <attribute name="lastChanged" type="dateTime" use="optional"/>
+ <attribute name="validUntil" type="dateTime" use="optional"/>
+ <attribute name="cacheDuration" type="duration" use="optional"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
+ </complexType>
+ </element>
+
+ <element name="KeyAuthority" type="trust:KeyAuthorityType"/>
+ <complexType name="KeyAuthorityType">
+ <annotation>
+ <documentation>
+ Binds keying authorities to one or more named system entities.
+ Omitting ds:KeyName will apply the authorities to all transactions, unless
+ another specific match applies. This is risky, so use wisely, in conjunction
+ with constraints on acceptable messages using other forms of metadata or policy.
+ </documentation>
+ </annotation>
+ <sequence>
+ <element ref="ds:KeyName" minOccurs="0" maxOccurs="unbounded"/>
+ <element ref="ds:KeyInfo"/>
+ </sequence>
+ <attribute name="VerifyDepth" type="unsignedByte" use="optional"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
+ </complexType>
+
+</schema> |
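Review bot: The `Trust` element declares `ds:Signature` with `minOccurs="0"` and `validUntil` with `use="optional"`, so a document can pass this schema while being unsigned and never expiring, and the annotations do not say that schema validity is not a trust decision. I would extend the `Trust` documentation with a sentence such as `Schema validity implies neither authenticity nor freshness: consumers must verify ds:Signature against an out-of-band key and enforce validUntil before using any binding.` The `VerifyDepth` attribute on `KeyAuthorityType` has no annotation at all; a short one stating what depth it bounds (presumably the certificate chain length below the listed authorities) and what a consumer does when it is absent would remove the guesswork. The `<import>` uses a relative `schemaLocation="xmldsig-core-schema.xsd"`; only this path is visible here, so confirm that a local copy is committed alongside and that validation is not left to resolve it over the network.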