1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
# $Id$
#
# RelaxNG (Compact Syntax) Schema
# for RPKI up-down protocol. This is based on the schema in the APNIC
# Wiki, but has tighter constraints on some fields.
#
# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
# run the output of this script through a converter like trang to get
# XML syntax.
default namespace = "http://www.apnic.net/specs/rescerts/up-down/"
grammar {
start = element message {
attribute version { xsd:positiveInteger { maxInclusive="1" } },
attribute sender { xsd:token { maxLength="1024" } },
attribute recipient { xsd:token { maxLength="1024" } },
payload
}
payload |= attribute type { "list" }, list_request
payload |= attribute type { "list_response"}, list_response
payload |= attribute type { "issue" }, issue_request
payload |= attribute type { "issue_response"}, issue_response
payload |= attribute type { "revoke" }, revoke_request
payload |= attribute type { "revoke_response"}, revoke_response
payload |= attribute type { "error_response"}, error_response
list_request = empty
list_response = class*
class = element class {
attribute class_name { xsd:token { maxLength="1024" } },
attribute cert_url { xsd:anyURI { maxLength="1024" } },
attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } },
attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } },
attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } },
attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?,
element certificate {
attribute cert_url { xsd:anyURI { maxLength="1024" } },
attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
xsd:base64Binary { maxLength="512000" }
}*,
element issuer { xsd:base64Binary { maxLength="512000" } }
}
issue_request = element request {
attribute class_name { xsd:token { maxLength="1024" } },
attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
xsd:base64Binary { maxLength="512000" }
}
issue_response = class
revoke_request = revocation
revoke_response = revocation
revocation = element key {
attribute class_name { xsd:token { maxLength="1024" } },
attribute ski { xsd:token { maxLength="1024" } }
}
error_response =
element status {
"1101" | # Already processing request
"1102" | # version number error
"1103" | # unrecognised request type
"1201" | # request - no such resource class
"1202" | # request - no resources allocated in resource class
"1203" | # request - badly formed certificate request
"1301" | # revoke - no such resource class
"1302" | # revoke - no such key
"2001" # Internal Server Error - Request not performed
},
element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }?
}
|
