mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-25 02:32:18 -05:00
0.2
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@2867 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
parent
e979994657
commit
921f726091
459
xep-0258.xml
459
xep-0258.xml
@ -7,14 +7,6 @@
|
|||||||
<!ENTITY EQUIVALENTLABEL "<equivalentlabel/>">
|
<!ENTITY EQUIVALENTLABEL "<equivalentlabel/>">
|
||||||
<!ENTITY HEADLINE "<headline/>">
|
<!ENTITY HEADLINE "<headline/>">
|
||||||
<!ENTITY IDENTITY "<identity/>">
|
<!ENTITY IDENTITY "<identity/>">
|
||||||
<!ENTITY rfc2634 "<span class='ref'><link url='http://tools.ietf.org/html/rfc2634'>RFC 2634</link></span> <note>RFC 2634: Enhanced Security Services for S/MIME <<link url='http://tools.ietf.org/html/rfc2634'>http://tools.ietf.org/html/rfc2634</link>>.</note>" >
|
|
||||||
<!ENTITY ASN.1 "<span class='ref'><link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf'>ASN.1</link></span> <note>X.680: Abstract Syntax Notation One (ASN.1): Specification of basic notation <<link url='http:://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf'>http:://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf</link>>.</note>" >
|
|
||||||
<!ENTITY BER "<span class='ref'><link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf'>BER</link></span> <note>X.690: ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) <<link url='http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf'>http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf</link>>.</note>" >
|
|
||||||
<!ENTITY X.500 "<span class='ref'><link url='http://www.itu.int/rec/T-REC-X.500-200102-I/en'>X.500</link></span> <note>X.500: The Directory: Overview of concepts, models and service <<link url='http://www.itu.int/rec/T-REC-X.500-200102-I/en'>http://www.itu.int/rec/T-REC-X.500-200102-I/en</link>>.</note>" >
|
|
||||||
<!ENTITY X.841 "<span class='ref'><link url='http://www.itu.int/rec/T-REC-X.841-200010-I/en'>X.841</link></span> <note>X.841: Security techniques - Security information objects for access control <<link url='http://www.itu.int/rec/T-REC-X.841-200010-I/en'>http://www.itu.int/rec/T-REC-X.841-200010-I/en</link>>.</note>" >
|
|
||||||
<!ENTITY SDN.801c "<span class='ref'>SDN.801c</span> <note>SDN.801c: Access Control Concept and Mechanism, US National Security Agency, Revision C, 12 May 1999.</note>" >
|
|
||||||
<!ENTITY IC-ISM "<span class='ref'>IC-ISM</span> <note>Common Information Sharing Standard for Information Security Marking: XML Implementation, Office of the Director of National Intelligence,
|
|
||||||
Release 2.0.3, 15 February 2006.</note>" >
|
|
||||||
%ents;
|
%ents;
|
||||||
]>
|
]>
|
||||||
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
||||||
@ -33,7 +25,6 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
<dependencies>
|
<dependencies>
|
||||||
<spec>XMPP Core</spec>
|
<spec>XMPP Core</spec>
|
||||||
<spec>XEP-0001</spec>
|
<spec>XEP-0001</spec>
|
||||||
<spec>Etc.</spec>
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
<supersedes/>
|
<supersedes/>
|
||||||
<supersededby/>
|
<supersededby/>
|
||||||
@ -44,6 +35,12 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
<email>Kurt.Zeilenga@Isode.COM</email>
|
<email>Kurt.Zeilenga@Isode.COM</email>
|
||||||
<jid>Kurt.Zeilenga@Isode.COM</jid>
|
<jid>Kurt.Zeilenga@Isode.COM</jid>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.2</version>
|
||||||
|
<date>2009-03-10</date>
|
||||||
|
<initials>kdz</initials>
|
||||||
|
<remark><p>Reworked discovery and various updates.</p></remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.1</version>
|
<version>0.1</version>
|
||||||
<date>2009-01-05</date>
|
<date>2009-01-05</date>
|
||||||
@ -78,39 +75,42 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c;
|
commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c;
|
||||||
security policies.</p>
|
security policies.</p>
|
||||||
<example caption="Message with ESS Security Label"><![CDATA[
|
<example caption="Message with ESS Security Label"><![CDATA[
|
||||||
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
||||||
<body>This content is classified.</body>
|
<body>This content is classified.</body>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
||||||
<label><esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
<label><esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>
|
||||||
>MQYCAQIGASk=</esssecurityLabel></label>
|
MQYCAQQGASk=
|
||||||
</securityLabel>
|
</esssecuritylabel></label>
|
||||||
</message>
|
</securitylabel>
|
||||||
|
</message>
|
||||||
]]></example>
|
]]></example>
|
||||||
<example caption="Message with IC-ISM Label"><![CDATA[
|
<example caption="Message with IC-ISM Label"><![CDATA[
|
||||||
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
||||||
<body>This content is classified.</body>
|
<body>This content is classified.</body>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
||||||
<label><icismlabel xmlns='http://example.gov/IC-ISM/0'
|
<label><icismlabel xmlns='http://example.gov/IC-ISM/0' classification='S'
|
||||||
classification='S' ownerProducer='USA' disseminationControls='FOUO'/></label>
|
ownerProducer='USA' disseminationControls='FOUO'/></label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
</message>
|
</message>
|
||||||
]]></example>
|
]]></example>
|
||||||
<p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p>
|
<p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p>
|
||||||
|
|
||||||
<p>The document details when security label metadata should or should not be provided, and how
|
<p>The document details when security label metadata should or should not be provided, and how
|
||||||
this metadata is to be processed.</p>
|
this metadata is to be processed.</p>
|
||||||
<p>This document does <em>not</em> (yet?) provide:
|
|
||||||
|
<p>This document does <em>not</em> provide:
|
||||||
<ul>
|
<ul>
|
||||||
<li>any mechanism for a client might discover the security policy enforce at its home server,
|
<li>any mechanism for a client might discover the security policy
|
||||||
or any other server;</li>
|
enforce at its home server, or any other server;</li>
|
||||||
<li>any mechanism for a client to discover the user's clearance,
|
<li>any mechanism for a client to discover the user's clearance,
|
||||||
or the clearance of associated with any resource; nor</li>
|
or the clearance of associated with any resource; nor</li>
|
||||||
<li>any administrative mechanism for a client to configure configure policy,
|
<li>any administrative mechanism for a client to configure
|
||||||
clearance, and labels of any resource.</li>
|
configure policy, clearance, and labels of any resource.</li>
|
||||||
</ul>
|
</ul>
|
||||||
Such mechanisms may be introduced in subsequent documents.</p>
|
|
||||||
|
Such mechanisms may be introduced in subsequent documents.</p>
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Discovering Feature Support' anchor='disco'>
|
<section1 topic='Discovering Feature Support' anchor='disco'>
|
||||||
@ -156,20 +156,20 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
includes a security label, zero or more equivalent security labels, and optionally display
|
includes a security label, zero or more equivalent security labels, and optionally display
|
||||||
marking data.</p>
|
marking data.</p>
|
||||||
<example caption="Labeled Message"><![CDATA[
|
<example caption="Labeled Message"><![CDATA[
|
||||||
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
<message to='romeo@example.net' from='juliet@example.com/balcony'>
|
||||||
<body>This content is classified.</body>
|
<body>This content is classified.</body>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MQYCAQIGASk=</esssecuritylabel>
|
>MQYCAQIGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
<equivalentlabel>
|
<equivalentlabel>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MRACAgEABgIpARMGT3Jhbmdl</esssecuritylabel>
|
>MRUCAgD9DA9BcXVhIChvYnNvbGV0ZSk=</esssecuritylabel>
|
||||||
</equivalentlabel>
|
</equivalentlabel>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
</message>
|
</message>
|
||||||
]]></example>
|
]]></example>
|
||||||
<p>The security label metadata is carried in an &SECURITYLABEL; element.
|
<p>The security label metadata is carried in an &SECURITYLABEL; element.
|
||||||
The &SECURITYLABEL; element which contains one and only one &LABEL; element,
|
The &SECURITYLABEL; element which contains one and only one &LABEL; element,
|
||||||
@ -193,21 +193,28 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
colorizing the display marking.</p>
|
colorizing the display marking.</p>
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Label Information Discovery' anchor='label-disco'>
|
<section1 topic='Label Catalog Discovery' anchor='label-catalog'>
|
||||||
<p>It is RECOMMENDED the server publish security label information, including a
|
<p>It is RECOMMENDED the server publish a catalogs of security label
|
||||||
catalog of labels, for use by clients.</p>
|
for use by clients.</p>
|
||||||
<p>The catalog provided should only contain labels for which the client is allowed to use
|
<p>Each catalog provided should only contain labels for which the client
|
||||||
(based upon the user's authorization). The catalog may not be include the complete
|
is allowed to use (based upon the user's authorization) in a particular
|
||||||
set of labels available for the use by the client.</p>
|
context (such as in chatroom). A catalog may not be include the
|
||||||
<p>As each service domain may have different support for security labels, servers
|
complete set of labels available for the use by the client in the
|
||||||
should advertise and clients should perform appropriate discovery lookups on a
|
context.</p>
|
||||||
per service basis.</p>
|
<blockquote>Note: the single catalog per context approach used here
|
||||||
<p>To indicate the support for label information discovery, a server advertises the
|
is likely inadequate in enviroments where there are a large number
|
||||||
<tt>urn:xmpp:sec-label:info:0</tt> feature.</p>
|
of labels in use. It is expected that a more sophisticated approach
|
||||||
<example caption="Label Information Feature Discovery request"><![CDATA[
|
will be introduced in a subsequent revision of this
|
||||||
|
specification.</blockquote>
|
||||||
|
<p>As each service domain may have different support for security labels,
|
||||||
|
servers should advertise and clients should perform appropriate
|
||||||
|
discovery lookups on a per service basis.</p>
|
||||||
|
<p>To indicate the support for label catalog discovery, a server
|
||||||
|
advertises the <tt>urn:xmpp:sec-label:catalog:0</tt> feature.
|
||||||
|
The following pair of examples illustrates this feature discovery.</p>
|
||||||
|
<example caption="Label Catalog Feature Discovery request"><![CDATA[
|
||||||
<iq type='get'
|
<iq type='get'
|
||||||
from='user@example.com/Work'
|
from='user@example.com/Work'
|
||||||
to='example.com'
|
|
||||||
id='disco1'>
|
id='disco1'>
|
||||||
<query xmlns='http://jabber.org/protocol/disco#info'/>
|
<query xmlns='http://jabber.org/protocol/disco#info'/>
|
||||||
</iq>
|
</iq>
|
||||||
@ -219,65 +226,56 @@ Release 2.0.3, 15 February 2006.</note>" >
|
|||||||
id='disco1'>
|
id='disco1'>
|
||||||
<query xmlns='http://jabber.org/protocol/disco#info'>
|
<query xmlns='http://jabber.org/protocol/disco#info'>
|
||||||
...
|
...
|
||||||
<feature var='urn:xmpp:sec-label:0'/>
|
<feature var='urn:xmpp:sec-label:catalog:0'/>
|
||||||
<feature var='urn:xmpp:sec-label:info:0'/>
|
|
||||||
...
|
...
|
||||||
</query>
|
</query>
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
<p>The following example illustrates catalog discovery.</p>
|
<p>The following example pair illustrates catalog discovery.</p>
|
||||||
|
|
||||||
<!-- Hierarchy of labels? -->
|
<example caption="Label Catalog request"><![CDATA[
|
||||||
<example caption="Label Information request"><![CDATA[
|
<iq type='get' id='cat1'>
|
||||||
<iq type='get'
|
<catalog xmlns='urn:xmpp:sec-label:catalog:0' to='example.com'/>
|
||||||
from='user@example.com/Work'
|
|
||||||
to='example.com'
|
|
||||||
id='catalog1'>
|
|
||||||
<query xmlns='urn:xmpp:sec-label:info:0'/>
|
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
<example caption="Label Information response"><![CDATA[
|
<example caption="Label Catalog Get response"><![CDATA[
|
||||||
<iq type='result'
|
<iq type='result' to='user@example.com/Work' id='cat1'>
|
||||||
from='example.com'
|
<catalog xmlns='urn:xmpp:sec-label:catalog:0'
|
||||||
to='user@example.com/Work'
|
to='example.com' name='Default'
|
||||||
id='catalog1'>
|
desc='an example set of labels'/>
|
||||||
<query xmlns='urn:xmpp:sec-label:info:0'>
|
|
||||||
<labelcatalog>
|
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='red'>SECRET</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MQYCAQQGASk=</esssecuritylabel>
|
>MQYCAQQGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='navy'>CONFIDENTIAL</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='navy'>CONFIDENTIAL</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MQYCAQMGASk=</esssecuritylabel>
|
>MQYCAQMGASk</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='aqua'>RESTRICTED</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='aqua'>RESTRICTED</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MQYCAQIGASk=</esssecuritylabel>
|
>MQYCAQIGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'
|
||||||
>MQMGASk=</esssecuritylabel>
|
>MQMGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
</labelcatalog>
|
</catalog>
|
||||||
</query>
|
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
<p>The label information may contain other elements.</p>
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Use in XMPP' anchor='xmpp-use'>
|
<section1 topic='Use in XMPP' anchor='xmpp-use'>
|
||||||
@ -508,9 +506,9 @@ And by opposing end them?
|
|||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'>MQMGASk=</esssecuritylabel>
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>MQMGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
</item>
|
</item>
|
||||||
</publish>
|
</publish>
|
||||||
</pubsub>
|
</pubsub>
|
||||||
@ -540,9 +538,9 @@ And by opposing end them?
|
|||||||
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
<securitylabel xmlns='urn:xmpp:sec-label:0'>
|
||||||
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
<displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
|
||||||
<label>
|
<label>
|
||||||
<esssecuritylabel xmlns='urn:xmpp:sec-label:0'>MQMGASk=</esssecuritylabel>
|
<esssecuritylabel xmlns='urn:xmpp:sec-label:ess:0'>MQMGASk=</esssecuritylabel>
|
||||||
</label>
|
</label>
|
||||||
</securityLabel>
|
</securitylabel>
|
||||||
</item>
|
</item>
|
||||||
</items>
|
</items>
|
||||||
</event>
|
</event>
|
||||||
@ -552,6 +550,14 @@ And by opposing end them?
|
|||||||
</section2>
|
</section2>
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
|
<section1 topic='Extension Considerations' anchor='exts'>
|
||||||
|
<p>
|
||||||
|
This extension is itself is extensible. In particular, the &LABEL; and &EQUIVALENTLABEL;
|
||||||
|
elements are designed to hold a range of security labels formats. XML namespaces SHOULD
|
||||||
|
be used to avoid name clashes.
|
||||||
|
</p>
|
||||||
|
</section1>
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
<section1 topic='Implementation Notes' anchor='impl'>
|
<section1 topic='Implementation Notes' anchor='impl'>
|
||||||
<p>OPTIONAL.</p>
|
<p>OPTIONAL.</p>
|
||||||
@ -572,109 +578,208 @@ And by opposing end them?
|
|||||||
<p>This document requires no interaction with &IANA;.</p>
|
<p>This document requires no interaction with &IANA;.</p>
|
||||||
</section1>
|
</section1>
|
||||||
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
|
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
|
||||||
<p>It is requested the ®ISTRAR; add the extension's namespace and schema to
|
<p>It is requested the ®ISTRAR; add the extension's namespaces
|
||||||
appropriate XMPP registries.</p>
|
and schemas to appropriate XMPP registries.</p>
|
||||||
<p>It is requested the Registrar maintain a registry of label types. The
|
|
||||||
type string "<tt>ESS</tt>" is reserved for use as described in this document.</p>
|
|
||||||
</section1>
|
</section1>
|
||||||
<section1 topic='XML Schemas' anchor='schema'>
|
<section1 topic='XML Schemas' anchor='schema'>
|
||||||
<section2 topic='<securitylabel/> schema' anchor='schema-sl'>
|
<section2 topic='Extension Schema' anchor='schema-sl'>
|
||||||
<p>
|
<p>
|
||||||
<code><![CDATA[
|
<code><![CDATA[
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
<?xml version='1.0' encoding='UTF-8'?>
|
||||||
<xs:schema
|
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:xmpp:sec-label:0"
|
||||||
xmlns:xs='http://www.w3.org/2001/XMLSchema'
|
xmlns="urn:xmpp:sec-label:0" elementFormDefault="qualified">
|
||||||
targetNamespace='urn:xmpp:sec-label:0'
|
|
||||||
xmlns='urn:xmpp:sec-label:0'
|
|
||||||
elementFormDefault='qualified'>
|
|
||||||
|
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>The protocol documented by this schema is defined in XEP-0258:
|
||||||
|
http://www.xmpp.org/extensions/xep-0258.html</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
|
||||||
|
<xs:simpleType name="colorCSS">
|
||||||
<xs:annotation>
|
<xs:annotation>
|
||||||
<xs:documentation>
|
<xs:documentation>CSS colors (W3C colors + "orange")</xs:documentation>
|
||||||
The protocol documented by this schema is defined in XEP-XXXX:
|
</xs:annotation>
|
||||||
http://www.xmpp.org/extensions/xep-XXXX.html
|
<xs:restriction base="xs:string">
|
||||||
</xs:documentation>
|
<xs:enumeration value="aqua"/>
|
||||||
|
<xs:enumeration value="black"/>
|
||||||
|
<xs:enumeration value="blue"/>
|
||||||
|
<xs:enumeration value="fuschia"/>
|
||||||
|
<xs:enumeration value="gray"/>
|
||||||
|
<xs:enumeration value="green"/>
|
||||||
|
<xs:enumeration value="lime"/>
|
||||||
|
<xs:enumeration value="maroon"/>
|
||||||
|
<xs:enumeration value="navy"/>
|
||||||
|
<xs:enumeration value="olive"/>
|
||||||
|
<xs:enumeration value="purple"/>
|
||||||
|
<xs:enumeration value="red"/>
|
||||||
|
<xs:enumeration value="silver"/>
|
||||||
|
<xs:enumeration value="teal"/>
|
||||||
|
<xs:enumeration value="white"/>
|
||||||
|
<xs:enumeration value="yellow"/>
|
||||||
|
<xs:enumeration value="orange"/>
|
||||||
|
</xs:restriction>
|
||||||
|
</xs:simpleType>
|
||||||
|
|
||||||
|
<xs:simpleType name="colorRGB">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Hex encoded RGB</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
<xs:restriction base="xs:string">
|
||||||
|
<xs:pattern value="#[0-9A-Fa-f]{6}"/>
|
||||||
|
</xs:restriction>
|
||||||
|
</xs:simpleType>
|
||||||
|
|
||||||
|
<xs:simpleType name="color">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Color</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
<xs:union memberTypes="colorCSS colorRGB"/>
|
||||||
|
</xs:simpleType>
|
||||||
|
|
||||||
|
<xs:complexType name="displaymarking">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Display Marking</xs:documentation>
|
||||||
|
<xs:documentation>String to be prominently displayed along with labeled
|
||||||
|
object.</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
<xs:simpleContent>
|
||||||
|
<xs:extension base="xs:string">
|
||||||
|
<xs:attribute name="bgcolor" type="color" use="optional" default="white"/>
|
||||||
|
<xs:attribute name="fgcolor" type="color" use="optional" default="black"/>
|
||||||
|
</xs:extension>
|
||||||
|
</xs:simpleContent>
|
||||||
|
</xs:complexType>
|
||||||
|
|
||||||
|
<xs:complexType name="label">
|
||||||
|
<xs:choice minOccurs="0">
|
||||||
|
<xs:any namespace="##other" processContents="lax"/>
|
||||||
|
</xs:choice>
|
||||||
|
</xs:complexType>
|
||||||
|
|
||||||
|
<xs:element name="securitylabel">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>A Security Label</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
<xs:complexType>
|
||||||
|
<xs:sequence>
|
||||||
|
<xs:element name="displaymarking" type="displaymarking">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>A Display Marking</xs:documentation>
|
||||||
|
<xs:documentation>To be prominently displayed</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:element>
|
||||||
|
<xs:element name="label" type="label">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>The Primary Label</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:element>
|
||||||
|
<xs:element name="equivalentlabel" type="label" minOccurs="0" maxOccurs="unbounded">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>An Equivalent Label</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:element>
|
||||||
|
</xs:sequence>
|
||||||
|
</xs:complexType>
|
||||||
|
</xs:element>
|
||||||
|
</xs:schema>
|
||||||
|
]]></code>
|
||||||
|
|
||||||
|
A copy of this schema is available at
|
||||||
|
<link url='http://www.xmpp.org/schemas/sec-label.xsd'>
|
||||||
|
http://www.xmpp.org/schemas/sec-label.xsd</link>.
|
||||||
|
</p>
|
||||||
|
</section2>
|
||||||
|
<section2 topic='<catalog/> schema' anchor='schema-catalog'>
|
||||||
|
<p>
|
||||||
|
<code><![CDATA[
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:sl="urn:xmpp:sec-label:0"
|
||||||
|
xmlns="urn:xmpp:sec-label:catalog:0" targetNamespace="urn:xmpp:sec-label:catalog:0"
|
||||||
|
elementFormDefault="qualified">
|
||||||
|
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>The protocol documented by this schema is defined in XEP-0258:
|
||||||
|
http://www.xmpp.org/extensions/xep-0258.html</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
|
||||||
|
<xs:import schemaLocation="xep258.xsd" namespace="urn:xmpp:sec-label:0"/>
|
||||||
|
|
||||||
|
<xs:attribute name="to" type="xs:string">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Target JabberId</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:attribute name="name" type="xs:string">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Name</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:attribute name="desc" type="xs:string">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Description</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:attribute name="id" type="xs:string">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Identifer for current revision, commonly a hash</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:attribute name="size" type="xs:integer">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Number of items</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:element name="catalog">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>A Catalog of Labels</xs:documentation>
|
||||||
</xs:annotation>
|
</xs:annotation>
|
||||||
|
|
||||||
<xs:element name='securitylabel'>
|
<xs:complexType>
|
||||||
<xs:complexType>
|
<xs:sequence>
|
||||||
<xs:sequence>
|
<xs:element ref="sl:securitylabel" maxOccurs="unbounded"/>
|
||||||
<xs:element ref='displaymarking' name='displaymarking'/>
|
</xs:sequence>
|
||||||
<xs:element ref='label' type='label'/>
|
<xs:attribute ref="to" use="optional"/>
|
||||||
<xs:element ref='equivalentlabel' type='label'
|
<xs:attribute ref="name" use="optional"/>
|
||||||
minOccurs='0' maxOccurs='unbounded'/>
|
<xs:attribute ref="desc" use="optional"/>
|
||||||
</xs:sequence>
|
<xs:attribute ref="id" use="optional"/>
|
||||||
<xs:complexType>
|
<xs:attribute ref="size" use="optional"/>
|
||||||
</xs:element>
|
</xs:complexType>
|
||||||
|
</xs:element>
|
||||||
<xs:element name='displaymarking' type='xs:string'>
|
</xs:schema>
|
||||||
<xs:attribute name='bgcolor' type='xs:string' use='optional'/>
|
|
||||||
<xs:attribute name='fgcolor' type='xs:string' use='optional'/>
|
|
||||||
</xs:element>
|
|
||||||
|
|
||||||
<xs:complexType name='label'/>
|
|
||||||
</xs:schema>
|
|
||||||
]]></code>
|
]]></code>
|
||||||
</p>
|
|
||||||
|
A copy of this schema is available at
|
||||||
|
<link url='http://www.xmpp.org/schemas/sec-label-catalog.xsd'>
|
||||||
|
http://www.xmpp.org/schemas/sec-label-catalog.xsd</link>.
|
||||||
|
</p>
|
||||||
</section2>
|
</section2>
|
||||||
<section2 topic='<esssecuritylabel/> schema' anchor='schema-ess'>
|
<section2 topic='<esssecuritylabel/> schema' anchor='schema-ess'>
|
||||||
<p>
|
<p>
|
||||||
<code><![CDATA[
|
<code><![CDATA[
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<xs:schema
|
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:xmpp:sec-label:ess:0"
|
||||||
xmlns:xs='http://www.w3.org/2001/XMLSchema'
|
xmlns="urn:xmpp:sec-label:ess:0" elementFormDefault="qualified">
|
||||||
targetNamespace='urn:xmpp:sec-label:ess:0'
|
<xs:annotation>
|
||||||
xmlns='urn:xmpp:sec-label:ess:0'
|
<xs:documentation> The protocol documented by this schema is defined in XEP-0258:
|
||||||
elementFormDefault='qualified'>
|
http://www.xmpp.org/extensions/xep-0258.html </xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
<xs:element name="esssecuritylabel" type="xs:base64Binary">
|
||||||
<xs:annotation>
|
<xs:annotation>
|
||||||
<xs:documentation>
|
<xs:documentation>An S/MIME ESS SecurityLabel [RFC2634]</xs:documentation>
|
||||||
The protocol documented by this schema is defined in XEP-XXXX:
|
<xs:documentation>Value is the base64 encoding of the BER/DER encoding of an ASN.1
|
||||||
http://www.xmpp.org/extensions/xep-XXXX.html
|
ESSSecurityLabel type as defined in RFC 2634. </xs:documentation>
|
||||||
</xs:documentation>
|
|
||||||
</xs:annotation>
|
</xs:annotation>
|
||||||
|
</xs:element>
|
||||||
<xs:element name='esssecuritylabel' type=xs:string'/>
|
</xs:schema>
|
||||||
</xs:schema>
|
|
||||||
]]></code>
|
]]></code>
|
||||||
</p>
|
|
||||||
</section2>
|
|
||||||
<section2 topic='Label Information schema' anchor='schema-info'>
|
|
||||||
<p>
|
|
||||||
<code><![CDATA[
|
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
|
||||||
<xs:schema
|
|
||||||
xmlns:xs='http://www.w3.org/2001/XMLSchema'
|
|
||||||
targetNamespace='urn:xmpp:sec-label:info:0'
|
|
||||||
xmlns='urn:xmpp:sec-label:info:0'
|
|
||||||
elementFormDefault='qualified'>
|
|
||||||
|
|
||||||
<xs:annotation>
|
A copy of this schema is available at
|
||||||
<xs:documentation>
|
<link url='http://www.xmpp.org/schemas/sec-label-ess.xsd'>
|
||||||
The protocol documented by this schema is defined in XEP-XXXX:
|
http://www.xmpp.org/schemas/sec-label-ess.xsd</link>.
|
||||||
http://www.xmpp.org/extensions/xep-XXXX.html
|
|
||||||
</xs:documentation>
|
|
||||||
</xs:annotation>
|
|
||||||
|
|
||||||
<xs:element name='query'>
|
|
||||||
<xs:complexType>
|
|
||||||
<xs:sequence>
|
|
||||||
<xs:element ref='labelcatalog' name='labelcatalog'
|
|
||||||
minOccurs='0' maxOccurs='1'/>
|
|
||||||
<!-- additional elements here -->
|
|
||||||
<xs:sequence>
|
|
||||||
</xs:complexType>
|
|
||||||
</xs:element>
|
|
||||||
|
|
||||||
<xs:element name='labelcatalog'>
|
|
||||||
<xs:complexType>
|
|
||||||
<xs:element ref='securitylabel' type='securitylabel'
|
|
||||||
minOccurs='1' maxOccurs='unbounded'/>
|
|
||||||
</xs:complexType>
|
|
||||||
</xs:element>
|
|
||||||
|
|
||||||
<xs:complexType name='securitylabel'/>
|
|
||||||
</xs:schema>
|
|
||||||
]]></code>
|
|
||||||
</p>
|
</p>
|
||||||
</section2>
|
</section2>
|
||||||
</section1>
|
</section1>
|
||||||
|
Loading…
Reference in New Issue
Block a user