1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
# $Id$
#
# RelaxNG Schema for MyRPKI XML messages
#
# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
# run the compact syntax through trang to get XML syntax.
default namespace = "http://www.hactrn.net/uris/rpki/myrpki/"
version = "2"
base64 = xsd:base64Binary { maxLength="512000" }
object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9]*" }
pubd_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9/]*" }
uri = xsd:anyURI { maxLength="4096" }
asn_list = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
ipv4_list = xsd:string { maxLength="512000" pattern="[\-,0-9/.]*" }
ipv6_list = xsd:string { maxLength="512000" pattern="[\-,0-9/:a-fA-F]*" }
start |= myrpki_pdu
start |= identity_pdu
start |= parent_pdu
start |= repository_pdu
myrpki_pdu = element myrpki {
attribute version { version },
attribute handle { object_handle },
attribute service_uri { uri }?,
element roa_request {
attribute asn { xsd:positiveInteger },
attribute v4 { ipv4_list },
attribute v6 { ipv6_list }
}*,
element child {
attribute handle { object_handle },
attribute valid_until { xsd:dateTime { pattern=".*Z" } },
attribute asns { asn_list }?,
attribute v4 { ipv4_list }?,
attribute v6 { ipv6_list }?,
element bpki_certificate { base64 }?
}*,
element parent {
attribute handle { object_handle },
attribute service_uri { uri }?,
attribute myhandle { object_handle }?,
attribute sia_base { uri }?,
element bpki_cms_certificate { base64 }?,
element bpki_https_certificate { base64 }?
}*,
element repository {
attribute handle { object_handle },
attribute service_uri { uri }?,
element bpki_certificate { base64 }?
}*,
element bpki_ca_certificate { base64 }?,
element bpki_crl { base64 }?,
element bpki_bsc_certificate { base64 }?,
element bpki_bsc_pkcs10 { base64 }?,
element bpki_server_ta { base64 }?
}
identity_pdu = element identity {
attribute version { version },
attribute handle { object_handle },
element bpki_ta { base64 }
}
parent_pdu = element parent {
attribute version { version },
attribute valid_until { xsd:dateTime { pattern=".*Z" } },
attribute service_uri { uri }?,
attribute child_handle { object_handle },
attribute parent_handle { object_handle },
element bpki_resource_ta { base64 }?,
element bpki_server_ta { base64 }?,
element bpki_child_ta { base64 }?,
element repository {
((attribute type { "offer" }) |
(attribute type { "hint" },
attribute proposed_sia_base { uri },
element contact_info { xsd:string }))
}?
}
repository_pdu |= element repository {
attribute version { version },
attribute type { "confirmed" },
attribute parent_handle { object_handle },
attribute client_handle { pubd_handle },
attribute service_uri { uri },
attribute sia_base { uri },
attribute repository_handle { object_handle },
element bpki_server_ta { base64 }?,
element bpki_client_ta { base64 }?,
element contact_info { xsd:string }?
}
repository_pdu |= element repository {
attribute version { version },
attribute type { "request" },
attribute handle { pubd_handle },
attribute parent_handle { object_handle },
element contact_info { xsd:string }?,
element bpki_ta { base64 }?
}
repository_pdu |= element repository {
attribute version { version },
attribute type { "offer" },
attribute handle { pubd_handle },
attribute parent_handle { object_handle },
element bpki_ta { base64 }?
}
repository_pdu |= element repository {
attribute version { version },
attribute type { "hint" },
attribute handle { pubd_handle },
attribute parent_handle { object_handle },
attribute proposed_sia_base { uri },
element contact_info { xsd:string }?,
element bpki_ta { base64 }?
}
# Local Variables:
# indent-tabs-mode: nil
# End:
|
