1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-25 02:32:18 -05:00
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@2867 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Peter Saint-Andre 2009-03-10 21:50:59 +00:00
parent e979994657
commit 921f726091

View File

@ -7,14 +7,6 @@
<!ENTITY EQUIVALENTLABEL "&lt;equivalentlabel/&gt;"> <!ENTITY EQUIVALENTLABEL "&lt;equivalentlabel/&gt;">
<!ENTITY HEADLINE "&lt;headline/&gt;"> <!ENTITY HEADLINE "&lt;headline/&gt;">
<!ENTITY IDENTITY "&lt;identity/&gt;"> <!ENTITY IDENTITY "&lt;identity/&gt;">
<!ENTITY rfc2634 "<span class='ref'><link url='http://tools.ietf.org/html/rfc2634'>RFC 2634</link></span> <note>RFC 2634: Enhanced Security Services for S/MIME &lt;<link url='http://tools.ietf.org/html/rfc2634'>http://tools.ietf.org/html/rfc2634</link>&gt;.</note>" >
<!ENTITY ASN.1 "<span class='ref'><link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf'>ASN.1</link></span> <note>X.680: Abstract Syntax Notation One (ASN.1): Specification of basic notation &lt;<link url='http:://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf'>http:://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf</link>&gt;.</note>" >
<!ENTITY BER "<span class='ref'><link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf'>BER</link></span> <note>X.690: ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) &lt;<link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf'>http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf</link>&gt;.</note>" >
<!ENTITY X.500 "<span class='ref'><link url='http://www.itu.int/rec/T-REC-X.500-200102-I/en'>X.500</link></span> <note>X.500: The Directory: Overview of concepts, models and service &lt;<link url='http://www.itu.int/rec/T-REC-X.500-200102-I/en'>http://www.itu.int/rec/T-REC-X.500-200102-I/en</link>&gt;.</note>" >
<!ENTITY X.841 "<span class='ref'><link url='http://www.itu.int/rec/T-REC-X.841-200010-I/en'>X.841</link></span> <note>X.841: Security techniques - Security information objects for access control &lt;<link url='http://www.itu.int/rec/T-REC-X.841-200010-I/en'>http://www.itu.int/rec/T-REC-X.841-200010-I/en</link>&gt;.</note>" >
<!ENTITY SDN.801c "<span class='ref'>SDN.801c</span> <note>SDN.801c: Access Control Concept and Mechanism, US National Security Agency, Revision C, 12 May 1999.</note>" >
<!ENTITY IC-ISM "<span class='ref'>IC-ISM</span> <note>Common Information Sharing Standard for Information Security Marking: XML Implementation, Office of the Director of National Intelligence,
Release 2.0.3, 15 February 2006.</note>" >
%ents; %ents;
]> ]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?> <?xml-stylesheet type='text/xsl' href='xep.xsl'?>
@ -33,7 +25,6 @@ Release 2.0.3, 15 February 2006.</note>" >
<dependencies> <dependencies>
<spec>XMPP Core</spec> <spec>XMPP Core</spec>
<spec>XEP-0001</spec> <spec>XEP-0001</spec>
<spec>Etc.</spec>
</dependencies> </dependencies>
<supersedes/> <supersedes/>
<supersededby/> <supersededby/>
@ -44,6 +35,12 @@ Release 2.0.3, 15 February 2006.</note>" >
<email>Kurt.Zeilenga@Isode.COM</email> <email>Kurt.Zeilenga@Isode.COM</email>
<jid>Kurt.Zeilenga@Isode.COM</jid> <jid>Kurt.Zeilenga@Isode.COM</jid>
</author> </author>
<revision>
<version>0.2</version>
<date>2009-03-10</date>
<initials>kdz</initials>
<remark><p>Reworked discovery and various updates.</p></remark>
</revision>
<revision> <revision>
<version>0.1</version> <version>0.1</version>
<date>2009-01-05</date> <date>2009-01-05</date>
@ -78,39 +75,42 @@ Release 2.0.3, 15 February 2006.</note>" >
commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c; commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c;
security policies.</p> security policies.</p>
<example caption="Message with ESS Security Label"><![CDATA[ <example caption="Message with ESS Security Label"><![CDATA[
<message to='romeo@example.net' from='juliet@example.com/balcony'> <message to='romeo@example.net' from='juliet@example.com/balcony'>
<body>This content is classified.</body> <body>This content is classified.</body>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking> <displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
<label><esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0' <label><esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>
>MQYCAQIGASk=</esssecurityLabel></label> MQYCAQQGASk=
</securityLabel> </esssecuritylabel></label>
</message> </securitylabel>
</message>
]]></example> ]]></example>
<example caption="Message with IC-ISM Label"><![CDATA[ <example caption="Message with IC-ISM Label"><![CDATA[
<message to='romeo@example.net' from='juliet@example.com/balcony'> <message to='romeo@example.net' from='juliet@example.com/balcony'>
<body>This content is classified.</body> <body>This content is classified.</body>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking> <displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
<label><icismlabel xmlns='http://example.gov/IC-ISM/0' <label><icismlabel xmlns='http://example.gov/IC-ISM/0' classification='S'
classification='S' ownerProducer='USA' disseminationControls='FOUO'/></label> ownerProducer='USA' disseminationControls='FOUO'/></label>
</securityLabel> </securitylabel>
</message> </message>
]]></example> ]]></example>
<p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p> <p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p>
<p>The document details when security label metadata should or should not be provided, and how <p>The document details when security label metadata should or should not be provided, and how
this metadata is to be processed.</p> this metadata is to be processed.</p>
<p>This document does <em>not</em> (yet?) provide:
<p>This document does <em>not</em> provide:
<ul> <ul>
<li>any mechanism for a client might discover the security policy enforce at its home server, <li>any mechanism for a client might discover the security policy
or any other server;</li> enforce at its home server, or any other server;</li>
<li>any mechanism for a client to discover the user's clearance, <li>any mechanism for a client to discover the user's clearance,
or the clearance of associated with any resource; nor</li> or the clearance of associated with any resource; nor</li>
<li>any administrative mechanism for a client to configure configure policy, <li>any administrative mechanism for a client to configure
clearance, and labels of any resource.</li> configure policy, clearance, and labels of any resource.</li>
</ul> </ul>
Such mechanisms may be introduced in subsequent documents.</p>
Such mechanisms may be introduced in subsequent documents.</p>
</section1> </section1>
<section1 topic='Discovering Feature Support' anchor='disco'> <section1 topic='Discovering Feature Support' anchor='disco'>
@ -156,20 +156,20 @@ Release 2.0.3, 15 February 2006.</note>" >
includes a security label, zero or more equivalent security labels, and optionally display includes a security label, zero or more equivalent security labels, and optionally display
marking data.</p> marking data.</p>
<example caption="Labeled Message"><![CDATA[ <example caption="Labeled Message"><![CDATA[
<message to='romeo@example.net' from='juliet@example.com/balcony'> <message to='romeo@example.net' from='juliet@example.com/balcony'>
<body>This content is classified.</body> <body>This content is classified.</body>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking> <displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MQYCAQIGASk=</esssecuritylabel> >MQYCAQIGASk=</esssecuritylabel>
</label> </label>
<equivalentlabel> <equivalentlabel>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MRACAgEABgIpARMGT3Jhbmdl</esssecuritylabel> >MRUCAgD9DA9BcXVhIChvYnNvbGV0ZSk=</esssecuritylabel>
</equivalentlabel> </equivalentlabel>
</securityLabel> </securitylabel>
</message> </message>
]]></example> ]]></example>
<p>The security label metadata is carried in an &SECURITYLABEL; element. <p>The security label metadata is carried in an &SECURITYLABEL; element.
The &SECURITYLABEL; element which contains one and only one &LABEL; element, The &SECURITYLABEL; element which contains one and only one &LABEL; element,
@ -193,21 +193,28 @@ Release 2.0.3, 15 February 2006.</note>" >
colorizing the display marking.</p> colorizing the display marking.</p>
</section1> </section1>
<section1 topic='Label Information Discovery' anchor='label-disco'> <section1 topic='Label Catalog Discovery' anchor='label-catalog'>
<p>It is RECOMMENDED the server publish security label information, including a <p>It is RECOMMENDED the server publish a catalogs of security label
catalog of labels, for use by clients.</p> for use by clients.</p>
<p>The catalog provided should only contain labels for which the client is allowed to use <p>Each catalog provided should only contain labels for which the client
(based upon the user's authorization). The catalog may not be include the complete is allowed to use (based upon the user's authorization) in a particular
set of labels available for the use by the client.</p> context (such as in chatroom). A catalog may not be include the
<p>As each service domain may have different support for security labels, servers complete set of labels available for the use by the client in the
should advertise and clients should perform appropriate discovery lookups on a context.</p>
per service basis.</p> <blockquote>Note: the single catalog per context approach used here
<p>To indicate the support for label information discovery, a server advertises the is likely inadequate in enviroments where there are a large number
<tt>urn:xmpp:sec-label:info:0</tt> feature.</p> of labels in use. It is expected that a more sophisticated approach
<example caption="Label Information Feature Discovery request"><![CDATA[ will be introduced in a subsequent revision of this
specification.</blockquote>
<p>As each service domain may have different support for security labels,
servers should advertise and clients should perform appropriate
discovery lookups on a per service basis.</p>
<p>To indicate the support for label catalog discovery, a server
advertises the <tt>urn:xmpp:sec-label:catalog:0</tt> feature.
The following pair of examples illustrates this feature discovery.</p>
<example caption="Label Catalog Feature Discovery request"><![CDATA[
<iq type='get' <iq type='get'
from='user@example.com/Work' from='user@example.com/Work'
to='example.com'
id='disco1'> id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'/> <query xmlns='http://jabber.org/protocol/disco#info'/>
</iq> </iq>
@ -219,65 +226,56 @@ Release 2.0.3, 15 February 2006.</note>" >
id='disco1'> id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'> <query xmlns='http://jabber.org/protocol/disco#info'>
... ...
<feature var='urn:xmpp:sec-label:0'/> <feature var='urn:xmpp:sec-label:catalog:0'/>
<feature var='urn:xmpp:sec-label:info:0'/>
... ...
</query> </query>
</iq> </iq>
]]></example> ]]></example>
<p>The following example illustrates catalog discovery.</p> <p>The following example pair illustrates catalog discovery.</p>
<!-- Hierarchy of labels? --> <example caption="Label Catalog request"><![CDATA[
<example caption="Label Information request"><![CDATA[ <iq type='get' id='cat1'>
<iq type='get' <catalog xmlns='urn:xmpp:sec-label:catalog:0' to='example.com'/>
from='user@example.com/Work'
to='example.com'
id='catalog1'>
<query xmlns='urn:xmpp:sec-label:info:0'/>
</iq> </iq>
]]></example> ]]></example>
<example caption="Label Information response"><![CDATA[ <example caption="Label Catalog Get response"><![CDATA[
<iq type='result' <iq type='result' to='user@example.com/Work' id='cat1'>
from='example.com' <catalog xmlns='urn:xmpp:sec-label:catalog:0'
to='user@example.com/Work' to='example.com' name='Default'
id='catalog1'> desc='an example set of labels'/>
<query xmlns='urn:xmpp:sec-label:info:0'>
<labelcatalog>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking> <displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MQYCAQQGASk=</esssecuritylabel> >MQYCAQQGASk=</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='navy'>CONFIDENTIAL</displaymarking> <displaymarking fgcolor='black' bgcolor='navy'>CONFIDENTIAL</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MQYCAQMGASk=</esssecuritylabel> >MQYCAQMGASk</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='aqua'>RESTRICTED</displaymarking> <displaymarking fgcolor='black' bgcolor='aqua'>RESTRICTED</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MQYCAQIGASk=</esssecuritylabel> >MQYCAQIGASk=</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking> <displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0' <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
>MQMGASk=</esssecuritylabel> >MQMGASk=</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
</labelcatalog> </catalog>
</query>
</iq> </iq>
]]></example> ]]></example>
<p>The label information may contain other elements.</p>
</section1> </section1>
<section1 topic='Use in XMPP' anchor='xmpp-use'> <section1 topic='Use in XMPP' anchor='xmpp-use'>
@ -508,9 +506,9 @@ And by opposing end them?
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking> <displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'>MQMGASk=</esssecuritylabel> <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>MQMGASk=</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
</item> </item>
</publish> </publish>
</pubsub> </pubsub>
@ -540,9 +538,9 @@ And by opposing end them?
<securitylabel xmlns='urn:xmpp:sec-label:0'> <securitylabel xmlns='urn:xmpp:sec-label:0'>
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking> <displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
<label> <label>
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'>MQMGASk=</esssecuritylabel> <esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>MQMGASk=</esssecuritylabel>
</label> </label>
</securityLabel> </securitylabel>
</item> </item>
</items> </items>
</event> </event>
@ -552,6 +550,14 @@ And by opposing end them?
</section2> </section2>
</section1> </section1>
<section1 topic='Extension Considerations' anchor='exts'>
<p>
This extension is itself is extensible. In particular, the &LABEL; and &EQUIVALENTLABEL;
elements are designed to hold a range of security labels formats. XML namespaces SHOULD
be used to avoid name clashes.
</p>
</section1>
<!-- <!--
<section1 topic='Implementation Notes' anchor='impl'> <section1 topic='Implementation Notes' anchor='impl'>
<p>OPTIONAL.</p> <p>OPTIONAL.</p>
@ -572,109 +578,208 @@ And by opposing end them?
<p>This document requires no interaction with &IANA;.</p> <p>This document requires no interaction with &IANA;.</p>
</section1> </section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'> <section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>It is requested the &REGISTRAR; add the extension's namespace and schema to <p>It is requested the &REGISTRAR; add the extension's namespaces
appropriate XMPP registries.</p> and schemas to appropriate XMPP registries.</p>
<p>It is requested the Registrar maintain a registry of label types. The
type string "<tt>ESS</tt>" is reserved for use as described in this document.</p>
</section1> </section1>
<section1 topic='XML Schemas' anchor='schema'> <section1 topic='XML Schemas' anchor='schema'>
<section2 topic='&lt;securitylabel/&gt; schema' anchor='schema-sl'> <section2 topic='Extension Schema' anchor='schema-sl'>
<p> <p>
<code><![CDATA[ <code><![CDATA[
<?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
<xs:schema <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:xmpp:sec-label:0"
xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns="urn:xmpp:sec-label:0" elementFormDefault="qualified">
targetNamespace='urn:xmpp:sec-label:0'
xmlns='urn:xmpp:sec-label:0'
elementFormDefault='qualified'>
<xs:annotation>
<xs:documentation>The protocol documented by this schema is defined in XEP-0258:
http://www.xmpp.org/extensions/xep-0258.html</xs:documentation>
</xs:annotation>
<xs:simpleType name="colorCSS">
<xs:annotation> <xs:annotation>
<xs:documentation> <xs:documentation>CSS colors (W3C colors + "orange")</xs:documentation>
The protocol documented by this schema is defined in XEP-XXXX: </xs:annotation>
http://www.xmpp.org/extensions/xep-XXXX.html <xs:restriction base="xs:string">
</xs:documentation> <xs:enumeration value="aqua"/>
<xs:enumeration value="black"/>
<xs:enumeration value="blue"/>
<xs:enumeration value="fuschia"/>
<xs:enumeration value="gray"/>
<xs:enumeration value="green"/>
<xs:enumeration value="lime"/>
<xs:enumeration value="maroon"/>
<xs:enumeration value="navy"/>
<xs:enumeration value="olive"/>
<xs:enumeration value="purple"/>
<xs:enumeration value="red"/>
<xs:enumeration value="silver"/>
<xs:enumeration value="teal"/>
<xs:enumeration value="white"/>
<xs:enumeration value="yellow"/>
<xs:enumeration value="orange"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="colorRGB">
<xs:annotation>
<xs:documentation>Hex encoded RGB</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:pattern value="#[0-9A-Fa-f]{6}"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="color">
<xs:annotation>
<xs:documentation>Color</xs:documentation>
</xs:annotation>
<xs:union memberTypes="colorCSS colorRGB"/>
</xs:simpleType>
<xs:complexType name="displaymarking">
<xs:annotation>
<xs:documentation>Display Marking</xs:documentation>
<xs:documentation>String to be prominently displayed along with labeled
object.</xs:documentation>
</xs:annotation>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="bgcolor" type="color" use="optional" default="white"/>
<xs:attribute name="fgcolor" type="color" use="optional" default="black"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name="label">
<xs:choice minOccurs="0">
<xs:any namespace="##other" processContents="lax"/>
</xs:choice>
</xs:complexType>
<xs:element name="securitylabel">
<xs:annotation>
<xs:documentation>A Security Label</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="displaymarking" type="displaymarking">
<xs:annotation>
<xs:documentation>A Display Marking</xs:documentation>
<xs:documentation>To be prominently displayed</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="label" type="label">
<xs:annotation>
<xs:documentation>The Primary Label</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="equivalentlabel" type="label" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>An Equivalent Label</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>
]]></code>
A copy of this schema is available at
<link url='http://www.xmpp.org/schemas/sec-label.xsd'>
http://www.xmpp.org/schemas/sec-label.xsd</link>.
</p>
</section2>
<section2 topic='&lt;catalog/&gt; schema' anchor='schema-catalog'>
<p>
<code><![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:sl="urn:xmpp:sec-label:0"
xmlns="urn:xmpp:sec-label:catalog:0" targetNamespace="urn:xmpp:sec-label:catalog:0"
elementFormDefault="qualified">
<xs:annotation>
<xs:documentation>The protocol documented by this schema is defined in XEP-0258:
http://www.xmpp.org/extensions/xep-0258.html</xs:documentation>
</xs:annotation>
<xs:import schemaLocation="xep258.xsd" namespace="urn:xmpp:sec-label:0"/>
<xs:attribute name="to" type="xs:string">
<xs:annotation>
<xs:documentation>Target JabberId</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="name" type="xs:string">
<xs:annotation>
<xs:documentation>Name</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="desc" type="xs:string">
<xs:annotation>
<xs:documentation>Description</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="id" type="xs:string">
<xs:annotation>
<xs:documentation>Identifer for current revision, commonly a hash</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="size" type="xs:integer">
<xs:annotation>
<xs:documentation>Number of items</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:element name="catalog">
<xs:annotation>
<xs:documentation>A Catalog of Labels</xs:documentation>
</xs:annotation> </xs:annotation>
<xs:element name='securitylabel'> <xs:complexType>
<xs:complexType> <xs:sequence>
<xs:sequence> <xs:element ref="sl:securitylabel" maxOccurs="unbounded"/>
<xs:element ref='displaymarking' name='displaymarking'/> </xs:sequence>
<xs:element ref='label' type='label'/> <xs:attribute ref="to" use="optional"/>
<xs:element ref='equivalentlabel' type='label' <xs:attribute ref="name" use="optional"/>
minOccurs='0' maxOccurs='unbounded'/> <xs:attribute ref="desc" use="optional"/>
</xs:sequence> <xs:attribute ref="id" use="optional"/>
<xs:complexType> <xs:attribute ref="size" use="optional"/>
</xs:element> </xs:complexType>
</xs:element>
<xs:element name='displaymarking' type='xs:string'> </xs:schema>
<xs:attribute name='bgcolor' type='xs:string' use='optional'/>
<xs:attribute name='fgcolor' type='xs:string' use='optional'/>
</xs:element>
<xs:complexType name='label'/>
</xs:schema>
]]></code> ]]></code>
</p>
A copy of this schema is available at
<link url='http://www.xmpp.org/schemas/sec-label-catalog.xsd'>
http://www.xmpp.org/schemas/sec-label-catalog.xsd</link>.
</p>
</section2> </section2>
<section2 topic='&lt;esssecuritylabel/&gt; schema' anchor='schema-ess'> <section2 topic='&lt;esssecuritylabel/&gt; schema' anchor='schema-ess'>
<p> <p>
<code><![CDATA[ <code><![CDATA[
<?xml version='1.0' encoding='UTF-8'?> <?xml version="1.0" encoding="UTF-8"?>
<xs:schema <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:xmpp:sec-label:ess:0"
xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns="urn:xmpp:sec-label:ess:0" elementFormDefault="qualified">
targetNamespace='urn:xmpp:sec-label:ess:0' <xs:annotation>
xmlns='urn:xmpp:sec-label:ess:0' <xs:documentation> The protocol documented by this schema is defined in XEP-0258:
elementFormDefault='qualified'> http://www.xmpp.org/extensions/xep-0258.html </xs:documentation>
</xs:annotation>
<xs:element name="esssecuritylabel" type="xs:base64Binary">
<xs:annotation> <xs:annotation>
<xs:documentation> <xs:documentation>An S/MIME ESS SecurityLabel [RFC2634]</xs:documentation>
The protocol documented by this schema is defined in XEP-XXXX: <xs:documentation>Value is the base64 encoding of the BER/DER encoding of an ASN.1
http://www.xmpp.org/extensions/xep-XXXX.html ESSSecurityLabel type as defined in RFC 2634. </xs:documentation>
</xs:documentation>
</xs:annotation> </xs:annotation>
</xs:element>
<xs:element name='esssecuritylabel' type=xs:string'/> </xs:schema>
</xs:schema>
]]></code> ]]></code>
</p>
</section2>
<section2 topic='Label Information schema' anchor='schema-info'>
<p>
<code><![CDATA[
<?xml version='1.0' encoding='UTF-8'?>
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:xmpp:sec-label:info:0'
xmlns='urn:xmpp:sec-label:info:0'
elementFormDefault='qualified'>
<xs:annotation> A copy of this schema is available at
<xs:documentation> <link url='http://www.xmpp.org/schemas/sec-label-ess.xsd'>
The protocol documented by this schema is defined in XEP-XXXX: http://www.xmpp.org/schemas/sec-label-ess.xsd</link>.
http://www.xmpp.org/extensions/xep-XXXX.html
</xs:documentation>
</xs:annotation>
<xs:element name='query'>
<xs:complexType>
<xs:sequence>
<xs:element ref='labelcatalog' name='labelcatalog'
minOccurs='0' maxOccurs='1'/>
<!-- additional elements here -->
<xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name='labelcatalog'>
<xs:complexType>
<xs:element ref='securitylabel' type='securitylabel'
minOccurs='1' maxOccurs='unbounded'/>
</xs:complexType>
</xs:element>
<xs:complexType name='securitylabel'/>
</xs:schema>
]]></code>
</p> </p>
</section2> </section2>
</section1> </section1>