diff options
Diffstat (limited to 'schemas/relaxng/router-certificate.rnc')
| -rw-r--r-- | schemas/relaxng/router-certificate.rnc | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/schemas/relaxng/router-certificate.rnc b/schemas/relaxng/router-certificate.rnc new file mode 100644 index 00000000..8cc325ce --- /dev/null +++ b/schemas/relaxng/router-certificate.rnc @@ -0,0 +1,61 @@ +# $Id$ +# +# RelaxNG schema for BGPSEC router certificate interchange format. +# +# At least for now, this is a trivial encapsulation of a PKCS #10 +# request, a set (usually containing exactly one member) of autonomous +# system numbers, and a router-id. Be warned that this could change +# radically by the time we have any real operational understanding of +# how these things will be used, this is just our current best guess +# to let us move forward on initial coding. +# +# Copyright (C) 2014 Dragon Research Labs ("DRL") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +default namespace = "http://www.hactrn.net/uris/rpki/router-certificate/" + +version = "1" +base64 = xsd:base64Binary { maxLength="512000" } +router_id = xsd:unsignedInt +asn_list = xsd:string { maxLength="512000" pattern="[0-9][\-,0-9]*" } +timestamp = xsd:dateTime { pattern=".*Z" } + +# Core payload used in this schema. + +payload = ( + attribute router_id { router_id }, + attribute asn { asn_list }, + attribute valid_until { timestamp }?, + base64 +) + +# We allow two forms, one with a wrapper to allow multiple requests in +# a single file, one without for brevity; the version attribute goes +# in the outermost element in either case. + +start |= element router_certificate_request { + attribute version { version }, + payload +} + +start |= element router_certificate_requests { + attribute version { version }, + element router_certificate_request { payload }* +} + +# Local Variables: +# indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" +# End: |