INTERNET-DRAFT S. Legg draft-legg-xed-dxer-00.txt Adacel Technologies Intended Category: Standard Track D. Prager Deakin University August 7, 2003 Directory XML Encoding Rules for ASN.1 Types Copyright (C) The Internet Society (2003). All Rights Reserved. Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress". The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Distribution of this document is unlimited. Comments should be sent to the authors. This Internet-Draft expires on 7 February 2004. Abstract This document defines a set of Abstract Syntax Notation One (ASN.1) encoding rules, called the Directory XML Encoding Rules or DXER, that produce an Extensible Markup Language (XML) representation for values of any given ASN.1 data type. Legg & Prager Expires 7 February 2004 [Page 1] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 Table of Contents 1. Introduction .................................................. 2 2. Conventions ................................................... 3 3. Definitions ................................................... 3 4. General Considerations ........................................ 4 5. Standalone DXER Encodings ..................................... 5 6. Encoding Rules ................................................ 6 6.1 Identifiers ............................................... 6 6.2 Type Referencing Notations ................................ 6 6.3 Restricted Character String Types ......................... 7 6.4 BIT STRING ................................................ 7 6.5 BOOLEAN ................................................... 8 6.6 CHARACTER STRING .......................................... 8 6.7 CHOICE .................................................... 8 6.8 EMBEDDED PDV .............................................. 9 6.9 ENUMERATED ................................................ 9 6.10 EXTERNAL ................................................. 9 6.11 GeneralizedTime .......................................... 9 6.12 INSTANCE OF .............................................. 10 6.13 INTEGER .................................................. 10 6.14 NULL ..................................................... 11 6.15 ObjectDescriptor ......................................... 11 6.16 OBJECT IDENTIFIER and RELATIVE-OID ....................... 11 6.17 OCTET STRING ............................................. 11 6.18 REAL ..................................................... 12 6.19 SEQUENCE and SET ......................................... 12 6.20 SEQUENCE OF and SET OF ................................... 13 6.21 UTCTime .................................................. 13 6.22 Open Type ................................................ 14 6.23 AnyType .................................................. 15 7. DXER Transfer Syntax .......................................... 16 8. Relationship to XER ........................................... 16 9. Security Considerations ....................................... 17 10. Acknowledgements ............................................. 17 11. Normative References ......................................... 17 12. Informative References ....................................... 18 13. Intellectual Property Notice ................................. 19 14. Copyright Notice ............................................. 19 15. Authors' Addresses ........................................... 20 1. Introduction This document defines a set of Abstract Syntax Notation One (ASN.1) [X680] encoding rules, called the Directory XML Encoding Rules or DXER, that produce an Extensible Markup Language (XML) [XML] representation of ASN.1 values of any given arbitrary ASN.1 type. Legg & Prager Expires 7 February 2004 [Page 2] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 An ASN.1 value is regarded as analogous to the content of an element. The DXER encoding of an ASN.1 value is the well-formed and valid content of an element in an XML document [XML] conforming to XML namespaces [XMLNS]. Simple ASN.1 data types such as PrintableString, INTEGER, BOOLEAN, define character data content while the ASN.1 combining types (i.e. SET, SEQUENCE, SET OF, SEQUENCE OF, and CHOICE) define element content. The element names are provided by the identifiers of the components in combining type definitions. Note that "ASN.1 value" does not mean a Basic Encoding Rules (BER) [X690] encoded value. The ASN.1 value is an abstract concept that is independent of any particular encoding. BER is just one possible encoding of an ASN.1 value. This document defines another possible encoding. Rules for canonical DXER encodings will be introduced in a revision of this document. 2. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [BCP14]. Throughout this document "type" shall be taken to mean an ASN.1 type, and "value" shall be taken to mean an ASN.1 abstract value. A reference to a ASN.1 production [X680] (e.g. Type, NamedType) is a reference to the text in an ASN.1 specification corresponding to that production. The specification of DXER makes use of definitions from the XML Information Set (Infoset) [ISET]. In particular, information item property names are presented per the Infoset, e.g. [local name]. In the sections that follow, the term "element" shall be taken to mean an Infoset element information item. Literal character strings to be used in the DXER encoding appear within double quotes, however the double quotes are not part of the literal value and do not appear in the encoding. This document uses the namespace prefix "xsi:" to stand for the namespace name "http://www.w3.org/2001/XMLSchema-instance", though in practice any valid namespace prefix is permitted in DXER encodings. 3. Definitions Legg & Prager Expires 7 February 2004 [Page 3] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 The root element of an XML document is the [document element] of the document information item corresponding to the XML document. The normalized content of an element information item is the list of information items formed by taking, in order, each character and element information item in the [children] of the element information item (thus eliminating any comments or PIs from consideration when determining the correctness of a DXER encoding). If the normalized content contains only character information items then its string value is the sequence of [character codes] of those character information items in order, otherwise its string value is empty. Note that the normalized content definition is for descriptive purposes only. There is no requirement for DXER encodings to actually be normalized. 4. General Considerations A DXER encoding is permitted to contain XML comments, processing instructions (PIs), CDATA sections, character references and parsed entity references in any position allowed for a well-formed and valid XML document [XML]. If entity references (to other than the predefined entities) are used then the XML document containing the DXER encoding must necessarily contain a document type declaration and the internal or external subset of the document type definition (DTD) must contain a declaration for the entity. Although comments and PIs are permitted in DXER encodings, there is no provision for representing comments and PIs in ASN.1 abstract values, therefore applications using DXER MAY discard any comments or PIs in received encodings. Similarly, there is no provision for representing entity references in ASN.1 abstract values, therefore applications using DXER MAY replace entity references with their replacement text at any time. The [attributes] of any element in a DXER encoding are permitted to contain an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance" (i.e. xsi:type [XSD1]) provided the Type of the corresponding NamedType has an associated qualified name [XMLNS] (see Section 6.22) that can be used to identify the type. Legg & Prager Expires 7 February 2004 [Page 4] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 Any element in a DXER encoding is permitted to have namespace declaration attributes [XMLNS]. However note that, with the possible exception of the root element, the [namespace name] of an element in a DXER encoding is required to have no value. Thus the applicability of namespace declarations will be limited to defining the [prefix] for the root element, and the Prefix for qualified names as values of the xsi:type attribute. 5. Standalone DXER Encodings The DXER encoding of some value generates only the content of an element. When the value being encoded is only part of some larger XML document (which is, for example, the way ASN.1 Schema [ASD] uses DXER) then it is the responsibility of the specification invoking DXER to determine the context of the enclosing element (i.e. its [local name] and [namespace name]). DXER can also be used to generate an entire XML document from the encoding of a value. This is termed a Standalone DXER Encoding of the value. ASN.1 does not have a concept analogous to the root element of an XML document. That is, ASN.1 does not allow a NamedType to appear on its own, outside of an enclosing combining type. This means that the rules for encoding the root element in a Standalone DXER Encoding differ from those that apply to any other element in a DXER encoding. In a Standalone DXER Encoding the [local name] and [namespace name] of the root element are determined from the ASN.1 type of the value being encoded. If the ASN.1 type is not identified with a typereference (excluding parameterized reference names) [ASN.1] then the the [local name] of the root element SHALL be "anonymous" and the [namespace name] of the root element SHALL have no value, otherwise if the ASN.1 module in which the type is defined does not have a namespace name [XEDNS] then the [local name] of the root element SHALL be the typereference and the [namespace name] of the root element SHALL have no value, otherwise the [local name] of the root element SHALL be the typereference and the [namespace name] of the root element SHALL be the namespace name of the module. In the final case, a namespace declaration will also be required to associate the namespace name with the chosen [prefix] of the root element. The [attributes] and [children] of the root element (i.e. its content) are generated by the normal application of the encoding rules in Section 6 to the value being encoded. Legg & Prager Expires 7 February 2004 [Page 5] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 6. Encoding Rules The following sections describe the DXER encoding for values of each of the ASN.1 type notations. ASN.1 values are uniformly regarded as analogous to the content of an element, not complete elements in their own right. In every case described in the following sections, if the encoding of an ASN.1 value produces no content then the enclosing element MAY be encoded as an empty element (i.e. using an empty-element tag). 6.1 Identifiers An identifier, as defined in ASN.1 notation (Clause 11.3 of X.680 [X680]), is a character string that begins with a latin lowercase letter (U+0061-U+007A) and is followed by zero, one or more latin letters (U+0041-U+005A, U+0061-U+007A), decimal digits (U+0030-U+0039), and hyphens (U+002D). A hyphen is not permitted to be the last character and a hyphen is not permitted to be followed by another hyphen. The case of letters in an identifier is always significant. ASN.1 identifiers are used for the [local name] of child elements and may also appear in the character data content of elements. 6.2 Type Referencing Notations A value of a type with a defined type name is encoded according to the type definition on the right hand side of the type assignment for the type name. A value of a type denoted by the use of a parameterized type with actual parameters is encoded according to the parameterized type with the DummyReferences [X683] substituted with the actual parameters. A value of a tagged or constrained type is encoded as a value of the type without the tag or constraint, respectively. Tags do not appear in the XML encodings defined by this document. See X.680 [X680] and X.682 [X682] for the details of ASN.1 constraint notation. A value of a fixed type denoted by an ObjectClassFieldType is encoded according to that fixed type (see Section 6.22 for the case of an ObjectClassFieldType denoting an open type). A value of a selection type is encoded according to the type referenced by the selection type. Legg & Prager Expires 7 February 2004 [Page 6] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 A value of a type described by TypeFromObject notation [X681] is encoded according to the denoted type. A value of a type described by ValueSetFromObjects notation [X681] is encoded according to the governing type. 6.3 Restricted Character String Types A value of a restricted character string type is encoded such that the normalized content is the sequence of character information items representing the characters in the string. Depending on the ASN.1 string type, and an application's internal representation of that string type, a character may need to be translated to or from the equivalent ISO 10646 character code [UCS]. The NumericString, PrintableString, IA5String, VisibleString (ISO646String), BMPString and UniversalString character encodings use the same character codes as ISO 10646. For the remaining string types (GeneralString, GraphicString, TeletexString, T61String and VideotexString) see X.680 [X680]. Note that a consequence of defining the DXER encoding in terms of the XML Infoset is the implied requirement for ampersand ('&', U+0026) and left angle bracket ('<', U+003C) characters in string values to be escaped appropriately [XML]. Certain characters (e.g. control characters) are not legal characters for XML. These characters are encoded as the replacement character (U+FFFD). When decoding, the replacement character is retained if it is a permitted character for the string type, otherwise it is converted to U+0000 if that character is permitted by the string type, otherwise it is discarded. 6.4 BIT STRING A value of the BIT STRING type without a NamedBitList is encoded such that the string value of the normalized content is either a binary digit string or a hexadecimal digit string. A hexadecimal digit string MAY be used only if the number of bits in a BIT STRING value is a multiple of eight, otherwise a binary digit string is used. A binary digit string is a sequence of zero, one or more of the binary digit characters "0" and "1" (i.e. U+0030 and U+0031), Each bit in the BIT STRING value is encoded as a binary digit in order from the first bit to the last bit. A hexadecimal digit string is a sequence of zero, one or more pairs Legg & Prager Expires 7 February 2004 [Page 7] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 of the hexadecimal digit characters "0"-"9", "A"-"F" and "a"-"f" (i.e. U+0030-U+0039, U+0041-U+0046 and U+0061-U+0066). Each group of eight bits in the BIT STRING value is encoded as a pair of hexadecimal digits where the first bit is the most significant. An odd number of hexadecimal digits is not permitted. If a hexadecimal digit string is used then the enclosing element's [attributes] SHALL contain an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance". The [normalized value] of this attribute SHALL be the qualified name with namespace name "http://www.w3.org/2001/XMLSchema" and local part "hexBinary" (e.g. xsi:type="xsd:hexBinary"). A value of the BIT STRING type with a NamedBitList is encoded such that the string value of the normalized content is either, as above for the BIT STRING type without a NamedBitList or, a space separated list of identifiers. In the latter case, each "1" bit in the BIT STRING value is represented by its corresponding identifier from the NamedBitList, in any order. 6.5 BOOLEAN The BOOLEAN value TRUE is encoded such that the string value of the normalized content is the literal "true" or "1", at the encoder's option. The BOOLEAN value FALSE is encoded such that the string value of the normalized content is the literal "false" or "0", at the encoder's option. The DXER encoding of BOOLEAN values is intended to conform to the lexical representation of the XML Schema boolean datatype. 6.6 CHARACTER STRING A value of the unrestricted CHARACTER STRING type is encoded according to the corresponding SEQUENCE type defined in Clause 40.5 of X.680 [X680]. 6.7 CHOICE A value of a CHOICE type other that a ChoiceOfStrings type [GSER] is encoded such that the normalized content is a single child element information item - corresponding to the actual chosen alternative - optionally preceded by and/or followed by white space character information items. The chosen alternative corresponds to some NamedType in the CHOICE Legg & Prager Expires 7 February 2004 [Page 8] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 type definition. The [local name] of the child element corresponding to the chosen alternative SHALL be the identifier of the corresponding NamedType, the [namespace name] of the child element SHALL have no value, and the content of the child element SHALL be the encoding of the value of the chosen alternative according to the Type of this NamedType. A value of a ChoiceOfStrings type is encoded such that the string value of the normalized content is the encoding of the value of the chosen alternative. The enclosing element's [attributes] MAY contain an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance" to identify the chosen alternative. The [normalized value] of this attribute SHALL be the qualified name with namespace name "http://xmled.info/ns/ASN.1/0702/00" and local part either "BMPString", "GeneralString", "GraphicString", "IA5String", "ISO646String", "NumericString", "PrintableString", "TeletexString", "T61String", "UniversalString", "UTF8String", "VideotexString", or "VisibleString", as appropriate. If the ChoiceOfStrings value has no character data then the enclosing element MAY be encoded as an empty element (i.e. using an empty-element tag). 6.8 EMBEDDED PDV A value of the EMBEDDED PDV type is encoded according to the corresponding SEQUENCE type defined in Clause 33.5 of X.680 [X680]. 6.9 ENUMERATED A value of an ENUMERATED type is encoded such that the string value of the normalized content is the identifier corresponding to the actual value. 6.10 EXTERNAL A value of the EXTERNAL type is encoded according to the corresponding SEQUENCE type defined in Clause 8.18.1 of X.690 [X690]. 6.11 GeneralizedTime A value of the GeneralizedTime type is encoded such that the string value of the normalized content is a date followed by the letter "T", Legg & Prager Expires 7 February 2004 [Page 9] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 a time of day, optional fractional seconds, and an optional time zone. The date is two decimal digits representing the century, followed by two decimal digits representing the year, "-" (U+002D), two decimal digits representing the month, "-" (U+002D), and two decimal digits representing the day. The time of day is two decimal digits representing the hour, followed by ":" (U+003A), two decimal digits representing the minutes, ":" (U+003A), and two decimal digits representing the seconds. The fractional seconds is a period "." (U+002E) followed by zero, one or more decimal digits (U+0030-U+0039). A GeneralizedTime value with fractional hours or minutes is first converted to the equivalent time with whole minutes and seconds and, if necessary, fractional seconds. The minutes are encoded as "00" if the GeneralizedTime value omits minutes. The seconds are encoded as "00" if the GeneralizedTime value omits seconds. The time zone, if present, is either the letter "Z" (U+005A) to indicate Coordinated Universal Time, a "+" (U+002B) followed by a time zone differential, or a "-" (U+002D) followed by a time zone differential. A time zone differential is two decimal digits representing hours, ":" (U+003A), and two decimal digits representing minutes. The seconds are encoded as "00" if the GeneralizedTime value omits seconds from the time zone differential. The DXER encoding of GeneralizedTime values is intended to conform to the lexical representation of the XML Schema dateTime datatype. 6.12 INSTANCE OF A value of the INSTANCE OF type is encoded according to the corresponding SEQUENCE type defined in Annex C of X.681 [X681]. 6.13 INTEGER A value of the INTEGER type without a NamedNumberList is encoded such that the string value of the normalized content is a number string representing the integer value. A number string is a sequence of one Legg & Prager Expires 7 February 2004 [Page 10] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 or more of the decimal digit characters "0" to "9" (U+0030-U+0039), with an optional leading sign, either "+" (U+002B) or "-" (U+002D). Multiple leading zero digits are permitted. A value of an INTEGER type with a NamedNumberList is encoded such that the string value of the normalized content is either a number string or the identifier corresponding to the actual INTEGER value. The DXER encoding of INTEGER values is intended to conform to the lexical representation of the XML Schema integer datatype. 6.14 NULL A value of the NULL type is encoded such that the normalized content is empty. 6.15 ObjectDescriptor A value of the ObjectDescriptor type is encoded according to the GraphicString type. 6.16 OBJECT IDENTIFIER and RELATIVE-OID A value of the OBJECT IDENTIFIER type or RELATIVE-OID type is encoded such that the string value of the normalized content is a "." (U+002E) separated list of the object identifier components of the value. Each object identifier component is encoded as a non-negative number string. A non-negative number string is either the digit character "0" (U+0030), or a non-zero decimal digit character (U+0031-U+0039) followed by zero, one or more of the decimal digit characters "0" to "9" (U+0030-U+0039). 6.17 OCTET STRING A value of the OCTET STRING type is encoded such that the string value of the normalized content is the hexadecimal digit string representation of the octets. The octets are encoded in order from the first octet to the last octet. Each octet is encoded as a pair of the hexadecimal digit characters "0"-"9", "A"-"F" and "a"-"f" (i.e. U+0030-U+0039, U+0041-U+0046 and U+0061-U+0066). where the first digit in the pair corresponds to the four most significant bits of the octet. An odd number of hexadecimal digits is not permitted. The DXER encoding of OCTET STRING values is intended to conform to Legg & Prager Expires 7 February 2004 [Page 11] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 the lexical representation of the XML Schema hexBinary datatype. 6.18 REAL A value of the REAL type is encoded such that the string value of the normalized content is the character string "0" if the value is positive zero, the character string "-0" if the value is negative zero, the character string "INF" if the value is positive infinity, the character string "-INF" if the value is negative infinity, the character string "NaN" if the value is not a number, or a real number otherwise. A real number is the mantissa followed by either "E" (U+0045) or "e" (U+0065) and the exponent. If the exponent is zero then the "E" or "e" and exponent MAY be omitted. The mantissa is a sequence of one or more of the decimal digit characters "0" to "9" (U+0030-U+0039), with an optional leading sign, either "+" (U+002B) or "-" (U+002D). Multiple leading zero digits are permitted. The exponent is encoded as a number string (see Section 6.13). The DXER encoding of REAL values is intended to be compatible with the lexical representation of the XML Schema double datatype (but allows real values outside the range permitted by double). 6.19 SEQUENCE and SET A value of a SEQUENCE type (other than the AnyType type [GLUE]) or a SET type is encoded such that the normalized content is a series of zero, one or more child element information items - one for each component value actually present in the SEQUENCE or SET value - optionally preceded by, followed by, and/or separated by white space character information items. Each component value corresponds to some NamedType in the SEQUENCE or SET type definition. The [local name] of the child element corresponding to the component value SHALL be the identifier of the corresponding NamedType, the [namespace name] of the child element SHALL have no value, and the content of the child element SHALL be the encoding of the component value according to the Type of the NamedType. The component values are encoded in the order of their definition in the type, for both SEQUENCE and SET types. This is a deliberate departure from BER where the components of a SET can be encoded in any order. Legg & Prager Expires 7 February 2004 [Page 12] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 If the SEQUENCE or SET type is extensible [X680] then the DXER decoder must be capable of skipping over any child element with a name that is not recognised, on the assumption that the sender is using a more recent definition of the SEQUENCE or SET type. 6.20 SEQUENCE OF and SET OF A value of a SEQUENCE OF or SET OF ASN.1 type is encoded such that the normalized content is a series of zero, one or more child elements - one for each component value - optionally preceded by, followed by, and/or separated by white space character information items. The [namespace name] of each child element SHALL have no value, and the content of each child element SHALL be the encoding of the corresponding component value according to the Type. For a value of a SEQUENCE OF NamedType or SET OF NamedType, the [local name] of each child element SHALL be the identifier of the NamedType. For a value of a SEQUENCE OF Type or SET OF Type, the [local name] of each child element SHALL be the literal "item". If the SEQUENCE OF or SET OF value has no component values then the enclosing element MAY be encoded as an empty element (i.e. using an empty-element tag). 6.21 UTCTime A value of the UTCTime type is encoded such that the string value of the normalized content is a date followed by the letter "T", a time of day, and an optional time zone. The date is two decimal digits representing the century, followed by two decimal digits representing the year, "-" (U+002D), two decimal digits representing the month, "-" (U+002D), and two decimal digits representing the day. A UTCTime value does not indicate the century, therefore the century in the DXER encoding is generated from the year value as follows. If the year is in the range 50-99 then the century is "19", otherwise the century is "20". Note that DXER encoded UTCTime values with a four digit year outside the range 1950 to 2049 are illegal. The time of day is two decimal digits representing the hour, followed by ":" (U+003A), two decimal digits representing the minutes, ":" (U+003A), and two decimal digits representing the seconds. Legg & Prager Expires 7 February 2004 [Page 13] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 The seconds are encoded as "00" if the UTCTime value omits seconds. The time zone, if present, is either the letter "Z" (U+005A) to indicate Coordinated Universal Time, a "+" (U+002B) followed by a time zone differential, or a "-" (U+002D) followed by a time zone differential. A time zone differential is two decimal digits representing hours, ":" (U+003A), and two decimal digits representing minutes. The DXER encoding of UTCTime values is intended to conform to the lexical representation of the XML Schema dateTime datatype. 6.22 Open Type A value of an open type denoted by an ObjectClassFieldType [X.681] is encoded according to the specific Type of the value. If the encoding of the value does not generate an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance" (i.e. xsi:type, see Sections 6.4 & 6.7) then: a) if the Type is a typereference (not a DummyReference) or an ExternalTypeReference in a DefinedType in a ReferencedType and then and the ASN.1 module in which the referenced type is defined has a namespace name [XEDNS] then the [attributes] of the enclosing element SHOULD contain an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance" (i.e. xsi:type), where the [normalized value] of this attribute SHALL be a qualified name with the namespace name of the module as the namespace name and the typereference as the local part, b) if the Type comprises one of the productions in Table 1 of the specification for ASN.1 Schema [ASD] then the [attributes] of the enclosing element SHOULD contain an attribute information item with the [local name] "type" and the [namespace name] "http://www.w3.org/2001/XMLSchema-instance", where the [normalized value] of this attribute SHALL be a qualified name with the namespace name "http://xmled.info/ns/ASN.1/0702/00" and the local part as indicated in Table 1. Note that the values of the xsi:type attribute are the same qualified names that would be used to reference the corresponding types in the ASN.1 Schema representation [ASD] of the ASN.1 specification, or the XML Schema derivation [CXSD] of the ASN.1 Legg & Prager Expires 7 February 2004 [Page 14] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 specification. Where the xsi:type attribute is present, appropriate namespace declaration attributes for the namespace names in the attribute's name and value MUST be added to the enclosing element's [attributes] if not already in the [in-scope namespaces] for the element. The namespace prefixes are the encoder's choice. 6.23 AnyType The AnyType type [GLUE] is used to embed arbitrary XML within ASN.1 specifications. The DXER encoding of a value of the AnyType type is intended to be Infoset equivalent to the original XML used to populate the AnyType value. The character string in the attributes or context component of an AnyType value is an XML textual representation of a sequence of attribute information items. The character string in the content component of an AnyType value is an XML textual representation of a sequence of character, comment, processing instruction and child element information items. A value of the AnyType type is encoded such that: a) the [children] of the enclosing element is the same as the sequence of information items represented by the content component, b) the [attributes] of the enclosing element includes the attribute information items represented by the attributes component, plus the namespace declarations in the context component that are not already defined in the [in-scope namespaces] of the enclosing element. The character string in the prolog component of an AnyType value is text conforming to the prolog production of XML [XML]. It is used to interpret entity references in the context, attributes or content components of the value. Any entity references in the context, attributes or content components of the AnyType value MUST either be replaced in the DXER encoding by their replacement text, or the corresponding entity declarations in the prolog component must be added to the DTD of the XML document containing the DXER encoding. Note that the latter may not be possible because of a conflict with an existing entity declaration of the same name. Applications will generally find it easier to expand out entity references at the earliest opportunity. Legg & Prager Expires 7 February 2004 [Page 15] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 If the content component of the value is absent then the enclosing element MAY be encoded as an empty element (i.e. using an empty-element tag). 7. DXER Transfer Syntax The following OBJECT IDENTIFIER has been assigned by Adacel Technologies, under an arc assigned to Adacel by Standards Australia, to identify the Directory XML Encoding Rules: { 1 2 36 79672281 0 2 } This OBJECT IDENTIFIER would be used, for example, to describe the transfer syntax for a DXER encoded data-value in an EMBEDDED PDV value. 8. Relationship to XER DXER and XER [X693] are separate, distinctly different and incompatible ASN.1 encoding rules for producing XML markup from ASN.1 abstract values. DXER is therefore unrelated to the XML ASN.1 Value Notation of X.680 [X680]. There is usually a requirement on applications specified in ASN.1 to maintain backward compatibility with the encodings generated by previous versions. The encodings in question are typically BER. Even with the backward compatibility constraint there is still considerable leeway for specification writers to rewrite the earlier specification. For example, renaming types, factoring out an in-line type definition as a named type (or the reverse), or replacing a type definition with an equivalent parameterized reference. These changes produce no change to BER, DER, CER, PER [X691], or GSER [GSER] encodings (so specification writers have felt free to make such changes to improve their specification), but can change the [local name] of elements in the XER encoding. Except for the special case of the root element, the DXER encoding is immune to this problem, thus DXER encodings are more stable than XER encodings over successive revisions of an ASN.1 specification. That has an obvious benefit for interoperability. DXER allows entity references, comments and PIs in encodings. XER does not. DXER is conformant with XML namespaces [XMLNS], while XER does not allow qualified names at all. Legg & Prager Expires 7 February 2004 [Page 16] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 DXER has also been designed so that is it possible to generate, from any arbitrary ASN.1 specification, a compatible XML Schema that will validate correct DXER encodings [CXSD]. The same is not generally true of XER, except by making changes to the original ASN.1 specification. 9. Security Considerations DXER does not necessarily enable the exact octet encoding of values of the TeletexString, VideotexString, GraphicString or GeneralString types to be reconstructed, so a transformation from DER to DXER and back to DER may not reproduce the original DER encoding. Therefore DXER MUST NOT be used to re-encode, whether for storage or transmission, ASN.1 abstract values whose original binary encoding must be recoverable. Such recovery is needed for the verification of digital signatures. In such cases, protocols ought to use DER or a DER-reversible encoding. When interpreting security-sensitive fields, and in particular fields used to grant or deny access, implementations MUST ensure that any comparisons are done on the underlying abstract value, regardless of the particular encoding used. 10. Acknowledgements This document and the technology it describes are a product of a joint research project between Adacel Technologies Limited and Deakin University on leveraging existing directory technology to produce an XML-based directory service. 11. Normative References [BCP14] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [XEDNS] Legg, S. and D. Prager, "XED: IANA Considerations", draft-legg-xed-iana-xx.txt, a work in progress, August 2003. [GLUE] Legg, S. and D. Prager, "XED: Schema Language Integration", draft-legg-xed-glue-xx.txt, a work in progress, August 2003. [X680] ITU-T Recommendation X.680 (07/02) | ISO/IEC 8824-1, Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation. Legg & Prager Expires 7 February 2004 [Page 17] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 [X681] ITU-T Recommendation X.681 (07/02) | ISO/IEC 8824-2, Information technology - Abstract Syntax Notation One (ASN.1): Information object specification. [X682] ITU-T Recommendation X.682 (07/02) | ISO/IEC 8824-3, Information technology - Abstract Syntax Notation One (ASN.1): Constraint specification. [X683] ITU-T Recommendation X.683 (07/02) | ISO/IEC 8824-4, Information technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications. [X690] ITU-T Recommendation X.690 (07/02) | ISO/IEC 8825-1, Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). [UCS] ISO/IEC 10646-1:2000, Information technology - Universal Multiple-Octet Coded Character Set (UCS) - Part 1: Architecture and Basic Multilingual Plane. [XML] Bray, T., Paoli, J., Sperberg-McQueen, M. and E. Maler, "Extensible Markup Language (XML) 1.0 (Second Edition)", W3C Recommendation, http://www.w3.org/TR/2000/REC-xml-20001006, October 2000. [XMLNS] Bray, T., Hollander, D. and A. Layman, "Namespaces in XML", http://www.w3.org/TR/1999/REC-xml-names-19990114, January 1999. [ISET] Cowan, J. and R. Tobin, "XML Information Set", W3C Recommendation, http://www.w3.org/TR/2001/REC-xml- infoset-20011024, October 2001. [XSD1] Thompson, H., Beech, D., Maloney, M. and N. Mendelsohn, "XML Schema Part 1: Structures", W3C Recommendation, http://www.w3.org/TR/2001/REC-xmlschema-1-20010502, May 2001. 12. Informative References [BCP11] Hovey, R. and S. Bradner, "The Organizations Involved in the IETF Standards Process", BCP 11, RFC 2028, October 1996. [GSER] Legg, S., "Generic String Encoding Rules for ASN.1 Types", draft-legg-ldap-gser-xx.txt, a work in progress, June 2003. Legg & Prager Expires 7 February 2004 [Page 18] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 [ASD] Legg, S. and D. Prager, "ASN.1 Schema: An XML Representation for ASN.1 Specifications", draft-legg-xed-asd-xx.txt, a work in progress, August 2003. [CXSD] Legg, S. and D. Prager, "Translation of ASN.1 Specifications into XML Schema", draft-legg-xed-xsd-xx.txt, a work in progress, August 2003. [X691] ITU-T Recommendation X.691 (07/02) | ISO/IEC 8825-4:2002, Information technology - ASN.1 encoding rules: Specification of Packed Encoding Rules (PER) [X693] ITU-T Recommendation X.693 (12/01) | ISO/IEC 8825-4:2002, Information technology - ASN.1 encoding rules: XML encoding rules (XER) 13. Intellectual Property Notice The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. [BCP11] Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 14. Copyright Notice Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any Legg & Prager Expires 7 February 2004 [Page 19] INTERNET-DRAFT Directory XML Encoding Rules August 7, 2003 kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 15. Authors' Addresses Dr. Steven Legg Adacel Technologies Ltd. 250 Bay Street Brighton, Victoria 3186 AUSTRALIA Phone: +61 3 8530 7710 Fax: +61 3 8530 7888 EMail: steven.legg@adacel.com.au Dr. Daniel Prager C/o Professor Lynn Batten Department of Computing and Mathematics Deakin University Geelong, Victoria 3217 AUSTRALIA EMail: dan@layabout.net EMail: lmbatten@deakin.edu.au Legg & Prager Expires 7 February 2004 [Page 20]