+++ /dev/null
-#
-# EMULAB-COPYRIGHT
-# Copyright (c) 2008 University of Utah and the Flux Group.
-# All rights reserved.
-#
-
-# ProtoGENI credential and privilege specification. The key points:
-#
-# * A credential is a set of privileges or a Ticket, each with a flag
-# to indicate delegation is permitted.
-# * A credential is signed and the signature included in the body of the
-# document.
-# * To support delegation, a credential will include its parent, and that
-# blob will be signed. So, there will be multiple signatures in the
-# document, each with a reference to the credential it signs.
-#
-#default namespace = "http://www.protogeni.net/resources/credential/0.1"
-
-namespace sig = "http://www.w3.org/2000/09/xmldsig#"
-datatypes xs = "http://www.w3.org/2001/XMLSchema-datatypes"
-anyelementbody = (attribute * {text} | text | element * {anyelementbody} )*
-
-# This is where we get the definition of RSpec from
-include "../rspec/protogeni-rspec-common.rnc"
-
-## Representation of a single privileges.
-PrivilegeSpec = element privilege {
- # Name of the privilege.
- element name { xsd:string { minLength = "1" }},
- # Flag indicating this privilege can be delegated
- element can_delegate { xsd:boolean }
-}
-
-## A set of privileges.
-PrivilegesSpec = element privileges {
- PrivilegeSpec*
-}
-
-## Backwards compat my original credential spec.
-CapabilitySpec = element capability {
- # Name of the capability.
- element name { xsd:string { minLength = "1" }},
- # Flag indicating this capability can be delegated
- element can_delegate { "0" | "1" }
-}
-## Backwards compat my original credential spec.
-CapabilitiesSpec = element capabilities {
- CapabilitySpec*
-}
-
-## Define a stub for future ticket.
-TicketSpec = element ticket {
- ## Can the ticket be delegated?
- element can_delegate { xsd:boolean },
- ## The ticket must be "cashed in" by this date
- element redeem_before { xsd:dateTime },
- ## A desciption of the resources that are being promised
- # Note: What I really want to do here is reference RSpec as being
- # in a separate namespace. But, it's not clear to me how to do this,
- # so we basically just use by inclusion
- anyelementbody
-}
-
-## A list of signatures.
-signatures = element signatures {
- element sig:Signature { anyelementbody }+
-}
-
-## A credential granting privileges or a ticket.
-credentials = element credential {
- ## The ID for signature referencing.
- attribute xml:id {xs:ID},
- ## The type of this credential. Currently a Privilege set or a Ticket.
- element type { "privilege" | "ticket" | "capability" },
- ## A serial number.
- element serial { xsd:string },
- ## GID of the owner of this credential.
- element owner_gid { xsd:string },
- ## GID of the target of this credential.
- element target_gid { xsd:string },
- ## UUID of this credential
- element uuid { xsd:string },
- ## Expires on
- element expires { xsd:dateTime },
- ## Privileges or a ticket
- (PrivilegesSpec | TicketSpec | CapabilitiesSpec),
- ## Optional Extensions
- element extensions { anyelementbody }*,
- ## Parent that delegated to us
- element parent { credentials }?
-}
-
-SignedCredential = element signed-credential {
- credentials,
- signatures?
-}
-
-start = SignedCredential
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>\r
-<!--\r
- \r
- GENIPUBLIC-COPYRIGHT\r
- Copyright (c) 2008-2009 University of Utah and the Flux Group.\r
- All rights reserved.\r
- \r
--->\r
-<!--\r
- ProtoGENI credential and privilege specification. The key points:\r
- \r
- * A credential is a set of privileges or a Ticket, each with a flag\r
- to indicate delegation is permitted.\r
- * A credential is signed and the signature included in the body of the\r
- document.\r
- * To support delegation, a credential will include its parent, and that\r
- blob will be signed. So, there will be multiple signatures in the\r
- document, each with a reference to the credential it signs.\r
- \r
- default namespace = "http://www.protogeni.net/resources/credential/0.1"\r
--->\r
-<grammar xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0" xmlns:sig="http://www.w3.org/2000/09/xmldsig#" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">\r
- <define name="anyelementbody">\r
- <zeroOrMore>\r
- <choice>\r
- <attribute>\r
- <anyName/>\r
- </attribute>\r
- <text/>\r
- <element>\r
- <anyName/>\r
- <ref name="anyelementbody"/>\r
- </element>\r
- </choice>\r
- </zeroOrMore>\r
- </define>\r
- <!-- This is where we get the definition of RSpec from -->\r
- <include href="protogeni-rspec-common.rng"/>\r
- <define name="PrivilegeSpec">\r
- <a:documentation>Representation of a single privileges. </a:documentation>\r
- <element name="privilege">\r
- <!-- Name of the privilege. -->\r
- <element name="name">\r
- <data type="string">\r
- <param name="minLength">1</param>\r
- </data>\r
- </element>\r
- <!-- Flag indicating this privilege can be delegated -->\r
- <element name="can_delegate">\r
- <data type="boolean"/>\r
- </element>\r
- </element>\r
- </define>\r
- <define name="PrivilegesSpec">\r
- <a:documentation>A set of privileges.</a:documentation>\r
- <element name="privileges">\r
- <zeroOrMore>\r
- <ref name="PrivilegeSpec"/>\r
- </zeroOrMore>\r
- </element>\r
- </define>\r
- <define name="CapabilitySpec">\r
- <a:documentation>Backwards compat my original credential spec.</a:documentation>\r
- <element name="capability">\r
- <!-- Name of the capability. -->\r
- <element name="name">\r
- <data type="string">\r
- <param name="minLength">1</param>\r
- </data>\r
- </element>\r
- <!-- Flag indicating this capability can be delegated -->\r
- <element name="can_delegate">\r
- <choice>\r
- <value>0</value>\r
- <value>1</value>\r
- </choice>\r
- </element>\r
- </element>\r
- </define>\r
- <define name="CapabilitiesSpec">\r
- <a:documentation>Backwards compat my original credential spec.</a:documentation>\r
- <element name="capabilities">\r
- <zeroOrMore>\r
- <ref name="CapabilitySpec"/>\r
- </zeroOrMore>\r
- </element>\r
- </define>\r
- <define name="TicketSpec">\r
- <a:documentation>Define a stub for future ticket.</a:documentation>\r
- <element name="ticket">\r
- <element name="can_delegate">\r
- <a:documentation>Can the ticket be delegated?</a:documentation>\r
- <data type="boolean"/>\r
- </element>\r
- <element name="redeem_before">\r
- <a:documentation>The ticket must be "cashed in" by this date </a:documentation>\r
- <data type="dateTime"/>\r
- </element>\r
- <!--\r
- Note: What I really want to do here is reference RSpec as being\r
- in a separate namespace. But, it's not clear to me how to do this,\r
- so we basically just use by inclusion\r
- -->\r
- <ref name="anyelementbody">\r
- <a:documentation>A desciption of the resources that are being promised</a:documentation>\r
- </ref>\r
- </element>\r
- </define>\r
- <define name="signatures">\r
- <a:documentation>A list of signatures.</a:documentation>\r
- <element name="signatures">\r
- <oneOrMore>\r
- <element name="sig:Signature">\r
- <ref name="anyelementbody"/>\r
- </element>\r
- </oneOrMore>\r
- </element>\r
- </define>\r
- <define name="credentials">\r
- <a:documentation>A credential granting privileges or a ticket.</a:documentation>\r
- <element name="credential">\r
- <attribute name="xml:id">\r
- <a:documentation>The ID for signature referencing.</a:documentation>\r
- <data type="ID"/>\r
- </attribute>\r
- <element name="type">\r
- <a:documentation>The type of this credential. Currently a Privilege set or a Ticket.</a:documentation>\r
- <choice>\r
- <value>privilege</value>\r
- <value>ticket</value>\r
- <value>capability</value>\r
- </choice>\r
- </element>\r
- <element name="serial">\r
- <a:documentation>A serial number.</a:documentation>\r
- <data type="string"/>\r
- </element>\r
- <element name="owner_gid">\r
- <a:documentation>GID of the owner of this credential. </a:documentation>\r
- <data type="string"/>\r
- </element>\r
- <optional>\r
- <element name="owner_urn">\r
- <a:documentation>URN of the owner. Not everyone can parse DER</a:documentation>\r
- <data type="string"/>\r
- </element>\r
- </optional>\r
- <element name="target_gid">\r
- <a:documentation>GID of the target of this credential. </a:documentation>\r
- <data type="string"/>\r
- </element>\r
- <optional>\r
- <element name="target_urn">\r
- <a:documentation>URN of the target.</a:documentation>\r
- <data type="string"/>\r
- </element>\r
- </optional>\r
- <element name="uuid">\r
- <a:documentation>UUID of this credential</a:documentation>\r
- <data type="string"/>\r
- </element>\r
- <element name="expires">\r
- <a:documentation>Expires on</a:documentation>\r
- <data type="dateTime"/>\r
- </element>\r
- <choice>\r
- <a:documentation>Privileges or a ticket</a:documentation>\r
- <ref name="PrivilegesSpec"/>\r
- <ref name="TicketSpec"/>\r
- <ref name="CapabilitiesSpec"/>\r
- </choice>\r
- <zeroOrMore>\r
- <element name="extensions">\r
- <a:documentation>Optional Extensions</a:documentation>\r
- <ref name="anyelementbody"/>\r
- </element>\r
- </zeroOrMore>\r
- <optional>\r
- <element name="parent">\r
- <a:documentation>Parent that delegated to us</a:documentation>\r
- <ref name="credentials"/>\r
- </element>\r
- </optional>\r
- </element>\r
- </define>\r
- <define name="SignedCredential">\r
- <element name="signed-credential">\r
- <ref name="credentials"/>\r
- <optional>\r
- <ref name="signatures"/>\r
- </optional>\r
- </element>\r
- </define>\r
- <start>\r
- <ref name="SignedCredential"/>\r
- </start>\r
-</grammar>\r
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ GENIPUBLIC-COPYRIGHT
+ Copyright (c) 2008-2009 University of Utah and the Flux Group.
+ All rights reserved.
+
+-->
+<!--
+ ProtoGENI credential and privilege specification. The key points:
+
+ * A credential is a set of privileges or a Ticket, each with a flag
+ to indicate delegation is permitted.
+ * A credential is signed and the signature included in the body of the
+ document.
+ * To support delegation, a credential will include its parent, and that
+ blob will be signed. So, there will be multiple signatures in the
+ document, each with a reference to the credential it signs.
+
+ default namespace = "http://www.protogeni.net/resources/credential/0.1"
+-->
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">
+ <xs:include schemaLocation="protogeni-rspec-common.xsd"/>
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>
+ <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+ <xs:group name="anyelementbody">
+ <xs:sequence>
+ <xs:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
+ </xs:sequence>
+ </xs:group>
+ <xs:attributeGroup name="anyelementbody">
+ <xs:anyAttribute processContents="skip"/>
+ </xs:attributeGroup>
+ <!-- This is where we get the definition of RSpec from -->
+ <xs:element name="privilege">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="name"/>
+ <xs:element name="can_delegate" type="xs:boolean"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="name">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:minLength value="1"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="privileges">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="privilege"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="capability">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="name"/>
+ <xs:element name="can_delegate">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="0"/>
+ <xs:enumeration value="1"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="capabilities">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="capability"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="ticket">
+ <xs:complexType mixed="true">
+ <xs:sequence>
+ <xs:element name="can_delegate" type="xs:boolean">
+ <xs:annotation>
+ <xs:documentation>Can the ticket be delegated?</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element ref="redeem_before"/>
+ <xs:group ref="anyelementbody">
+ <xs:annotation>
+ <xs:documentation>A desciption of the resources that are being promised</xs:documentation>
+ </xs:annotation>
+ </xs:group>
+ </xs:sequence>
+ <xs:attributeGroup ref="anyelementbody"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="redeem_before" type="xs:dateTime">
+ <xs:annotation>
+ <xs:documentation>The ticket must be "cashed in" by this date </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="signatures">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" ref="sig:Signature"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="credentials">
+ <xs:annotation>
+ <xs:documentation>A credential granting privileges or a ticket.</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element ref="credential"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="credential">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="type"/>
+ <xs:element ref="serial"/>
+ <xs:element ref="owner_gid"/>
+ <xs:element minOccurs="0" ref="owner_urn"/>
+ <xs:element ref="target_gid"/>
+ <xs:element minOccurs="0" ref="target_urn"/>
+ <xs:element ref="uuid"/>
+ <xs:element ref="expires"/>
+ <xs:choice>
+ <xs:annotation>
+ <xs:documentation>Privileges or a ticket</xs:documentation>
+ </xs:annotation>
+ <xs:element ref="privileges"/>
+ <xs:element ref="ticket"/>
+ <xs:element ref="capabilities"/>
+ </xs:choice>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="extensions"/>
+ <xs:element minOccurs="0" ref="parent"/>
+ </xs:sequence>
+ <xs:attribute ref="xml:id" use="required"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="type">
+ <xs:annotation>
+ <xs:documentation>The type of this credential. Currently a Privilege set or a Ticket.</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="privilege"/>
+ <xs:enumeration value="ticket"/>
+ <xs:enumeration value="capability"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="serial" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>A serial number.</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="owner_gid" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>GID of the owner of this credential. </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="owner_urn" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>URN of the owner. Not everyone can parse DER</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="target_gid" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>GID of the target of this credential. </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="target_urn" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>URN of the target.</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="uuid" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>UUID of this credential</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="expires" type="xs:dateTime">
+ <xs:annotation>
+ <xs:documentation>Expires on</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="extensions">
+ <xs:annotation>
+ <xs:documentation>Optional Extensions</xs:documentation>
+ </xs:annotation>
+ <xs:complexType mixed="true">
+ <xs:group ref="anyelementbody"/>
+ <xs:attributeGroup ref="anyelementbody"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="parent" type="credentials">
+ <xs:annotation>
+ <xs:documentation>Parent that delegated to us</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="signed-credential">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="credentials">
+ <xs:sequence>
+ <xs:element minOccurs="0" ref="signatures"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>\r
-<grammar xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">\r
- <!--\r
- \r
- EMULAB-COPYRIGHT\r
- Copyright (c) 2008 University of Utah and the Flux Group.\r
- All rights reserved.\r
- \r
- -->\r
- <!--\r
- \r
- Common definitions for advertisements, requests, and tickets\r
- \r
- -->\r
- <include href="top.rng"/>\r
- <define name="NodeSpec">\r
- <element name="node">\r
- <ref name="NodeContents"/>\r
- </element>\r
- </define>\r
- <define name="LinkSpec">\r
- <element name="link">\r
- <ref name="LinkContents"/>\r
- </element>\r
- </define>\r
- <define name="NodeContents">\r
- <interleave>\r
- <optional>\r
- <!--\r
- Each node has exactly one virtualization technology, which we simply\r
- enumerate here\r
- -->\r
- <attribute name="virtualization_type">\r
- <choice>\r
- <value>raw</value>\r
- <value>trellis-vserver</value>\r
- <value>planetlab-vserver</value>\r
- <value>emulab-vnode</value>\r
- <value>bgpmux</value>\r
- </choice>\r
- </attribute>\r
- </optional>\r
- <optional>\r
- <!--\r
- Each node may be the subnode of (physically located within) another.\r
- In advertisements, this is the URN of the other component.\r
- In requests, this is the virtual_id of the other sliver.\r
- -->\r
- <element name="subnode_of">\r
- <text/>\r
- </element>\r
- </optional>\r
- <!-- Node type list -->\r
- <ref name="NodeTypeList"/>\r
- <zeroOrMore>\r
- <!--\r
- List of interfaces on this node. Interfaces are declared here. So\r
- all information about a particular interface including types\r
- belongs in the declaration. Other references to interfaces\r
- should just uniquely identify them and refer back here.\r
- -->\r
- <element name="interface">\r
- <ref name="InterfaceDecl"/>\r
- </element>\r
- </zeroOrMore>\r
- </interleave>\r
- </define>\r
- <define name="LinkContents">\r
- <interleave>\r
- <optional>\r
- <!--\r
- Each link has exactly one virtualization technology, which we simply\r
- enumerate here\r
- -->\r
- <attribute name="virtualization_type">\r
- <choice>\r
- <value>raw</value>\r
- <value>trellis-vserver</value>\r
- <value>planetlab-vserver</value>\r
- <value>emulab-vnode</value>\r
- </choice>\r
- </attribute>\r
- </optional>\r
- <oneOrMore>\r
- <!-- Link types -->\r
- <ref name="LinkType"/>\r
- </oneOrMore>\r
- <zeroOrMore>\r
- <!-- The interfaces which this link spans. -->\r
- <element name="interface_ref">\r
- <ref name="InterfaceRef"/>\r
- </element>\r
- </zeroOrMore>\r
- </interleave>\r
- </define>\r
- <define name="NodeTypeList">\r
- <oneOrMore>\r
- <ref name="NodeTypeSpec"/>\r
- </oneOrMore>\r
- </define>\r
- <define name="NodeTypeContents" combine="interleave">\r
- <zeroOrMore>\r
- <ref name="TypeField"/>\r
- </zeroOrMore>\r
- </define>\r
- <define name="LinkType">\r
- <element name="link_type">\r
- <interleave>\r
- <optional>\r
- <attribute name="name"/>\r
- </optional>\r
- <optional>\r
- <attribute name="type_name"/>\r
- </optional>\r
- <zeroOrMore>\r
- <ref name="TypeField"/>\r
- </zeroOrMore>\r
- </interleave>\r
- </element>\r
- </define>\r
- <define name="TypeField">\r
- <element name="field">\r
- <interleave>\r
- <attribute name="key"/>\r
- <attribute name="value"/>\r
- </interleave>\r
- </element>\r
- </define>\r
- <define name="VirtualName">\r
- <attribute name="virtual_id"/>\r
- </define>\r
- <define name="ComponentName">\r
- <interleave>\r
- <optional>\r
- <!--\r
- This is the uuid of the aggregate that this node or link belongs\r
- to. It is required in an advertisement.\r
- -->\r
- <attribute name="component_manager_uuid"/>\r
- </optional>\r
- <optional>\r
- <attribute name="component_manager_urn"/>\r
- </optional>\r
- <optional>\r
- <!-- User-readable name for the component -->\r
- <attribute name="component_name"/>\r
- </optional>\r
- <optional>\r
- <!-- The uuid of the physical component. -->\r
- <attribute name="component_uuid"/>\r
- </optional>\r
- <optional>\r
- <attribute name="component_urn"/>\r
- </optional>\r
- </interleave>\r
- </define>\r
- <define name="ComponentInterfaceDeclName">\r
- <attribute name="component_id"/>\r
- </define>\r
- <define name="ComponentInterfaceRefName">\r
- <interleave>\r
- <optional>\r
- <attribute name="component_node_uuid"/>\r
- </optional>\r
- <optional>\r
- <attribute name="component_node_urn"/>\r
- </optional>\r
- <attribute name="component_interface_id"/>\r
- </interleave>\r
- </define>\r
- <define name="InterfaceDecl">\r
- <empty/>\r
- </define>\r
- <define name="InterfaceRef">\r
- <empty/>\r
- </define>\r
- <define name="Location">\r
- <element name="location">\r
- <interleave>\r
- <!-- The two-letter ISO 3166 code for the country the node is in. -->\r
- <attribute name="country"/>\r
- <optional>\r
- <!--\r
- Longitude and Latitude coordinates of the node using the\r
- WGS 84 standard.\r
- -->\r
- <attribute name="longitude"/>\r
- </optional>\r
- <optional>\r
- <attribute name="latitude"/>\r
- </optional>\r
- </interleave>\r
- </element>\r
- </define>\r
- <define name="RSpec">\r
- <element name="rspec">\r
- <ref name="RSpecContents"/>\r
- </element>\r
- </define>\r
- <define name="RSpecContents">\r
- <interleave>\r
- <optional>\r
- <!--\r
- When this RSpec was generated - optional, can be used for determining\r
- staleness\r
- -->\r
- <attribute name="generated">\r
- <data type="dateTime"/>\r
- </attribute>\r
- </optional>\r
- <optional>\r
- <!--\r
- Who/what generated the rspec. This is purely informative and\r
- should not be used for any policy consideration. The format is\r
- not fixed.\r
- -->\r
- <attribute name="generated_by"/>\r
- </optional>\r
- <optional>\r
- <!--\r
- How long this rspec is valid - in the case of a ticket, this indicates\r
- how long the holder may use the resources. For a resource request, it's\r
- how long we want the resources. For an advertisement, it might be a hint\r
- as to how long it's okay to cache this rspec.\r
- -->\r
- <attribute name="valid_until">\r
- <data type="dateTime"/>\r
- </attribute>\r
- </optional>\r
- <zeroOrMore>\r
- <!-- One or more nodes/links -->\r
- <ref name="NodeSpec"/>\r
- </zeroOrMore>\r
- <zeroOrMore>\r
- <ref name="LinkSpec"/>\r
- </zeroOrMore>\r
- </interleave>\r
- </define>\r
-</grammar>\r
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">
+ <xs:include schemaLocation="top.xsd"/>
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>
+ <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+ <!--
+
+ EMULAB-COPYRIGHT
+ Copyright (c) 2008 University of Utah and the Flux Group.
+ All rights reserved.
+
+ -->
+ <!--
+
+ Common definitions for advertisements, requests, and tickets
+
+ -->
+ <xs:element name="node" type="NodeContents"/>
+ <xs:element name="link" type="LinkContents"/>
+ <xs:complexType name="NodeContents">
+ <xs:choice minOccurs="0" maxOccurs="unbounded">
+ <xs:element ref="subnode_of"/>
+ <xs:group ref="NodeTypeList"/>
+ <xs:element ref="interface"/>
+ </xs:choice>
+ <xs:attribute name="virtualization_type">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="raw"/>
+ <xs:enumeration value="trellis-vserver"/>
+ <xs:enumeration value="planetlab-vserver"/>
+ <xs:enumeration value="emulab-vnode"/>
+ <xs:enumeration value="bgpmux"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:element name="subnode_of" type="xs:string"/>
+ <xs:element name="interface">
+ <xs:complexType/>
+ </xs:element>
+ <xs:complexType name="LinkContents">
+ <xs:choice minOccurs="0" maxOccurs="unbounded">
+ <xs:group ref="LinkType"/>
+ <xs:element ref="interface_ref"/>
+ </xs:choice>
+ <xs:attribute name="virtualization_type">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="raw"/>
+ <xs:enumeration value="trellis-vserver"/>
+ <xs:enumeration value="planetlab-vserver"/>
+ <xs:enumeration value="emulab-vnode"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:element name="interface_ref">
+ <xs:complexType/>
+ </xs:element>
+ <xs:group name="NodeTypeList">
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" ref="node_type"/>
+ </xs:sequence>
+ </xs:group>
+ <xs:group name="LinkType">
+ <xs:sequence>
+ <xs:element name="link_type">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="field"/>
+ </xs:sequence>
+ <xs:attribute name="name"/>
+ <xs:attribute name="type_name"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:group>
+ <xs:element name="field">
+ <xs:complexType>
+ <xs:attribute name="key" use="required"/>
+ <xs:attribute name="value" use="required"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:attributeGroup name="VirtualName">
+ <xs:attribute name="virtual_id" use="required"/>
+ </xs:attributeGroup>
+ <xs:attributeGroup name="ComponentName">
+ <xs:attribute name="component_manager_uuid"/>
+ <xs:attribute name="component_manager_urn"/>
+ <xs:attribute name="component_name"/>
+ <xs:attribute name="component_uuid"/>
+ <xs:attribute name="component_urn"/>
+ </xs:attributeGroup>
+ <xs:attributeGroup name="ComponentInterfaceDeclName">
+ <xs:attribute name="component_id" use="required"/>
+ </xs:attributeGroup>
+ <xs:attributeGroup name="ComponentInterfaceRefName">
+ <xs:attribute name="component_node_uuid"/>
+ <xs:attribute name="component_node_urn"/>
+ <xs:attribute name="component_interface_id" use="required"/>
+ </xs:attributeGroup>
+ <xs:element name="location">
+ <xs:complexType>
+ <xs:attribute name="country" use="required"/>
+ <xs:attribute name="longitude"/>
+ <xs:attribute name="latitude"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="rspec" type="RSpecContents"/>
+ <xs:complexType name="RSpecContents">
+ <xs:choice minOccurs="0" maxOccurs="unbounded">
+ <xs:element ref="node"/>
+ <xs:element ref="link"/>
+ </xs:choice>
+ <xs:attribute name="generated" type="xs:dateTime"/>
+ <xs:attribute name="generated_by"/>
+ <xs:attribute name="valid_until" type="xs:dateTime"/>
+ </xs:complexType>
+</xs:schema>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>\r
-<grammar xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">\r
- <!--\r
- \r
- EMULAB-COPYRIGHT\r
- Copyright (c) 2005-2007 University of Utah and the Flux Group.\r
- All rights reserved.\r
- \r
- -->\r
- <!--\r
- \r
- Definition of common data structures used for representing topologies -\r
- shared between vtop (virtual topology) and ptop (physical topology)\r
- formats.\r
- \r
- -->\r
- <define name="NodeTypeSpec">\r
- <a:documentation>Representation of a single node type</a:documentation>\r
- <element name="node_type">\r
- <interleave>\r
- <attribute name="type_name">\r
- <a:documentation>Name of the type - will almost certainly not be unique</a:documentation>\r
- </attribute>\r
- <attribute name="type_slots">\r
- <a:documentation>How many virtual nodes of this type this physical node can\r
-handle.</a:documentation>\r
- <choice>\r
- <data type="integer">\r
- <param name="minInclusive">0</param>\r
- </data>\r
- <value>unlimited</value>\r
- </choice>\r
- </attribute>\r
- <optional>\r
- <attribute name="static">\r
- <a:documentation>element unlimited { empty }?,\r
-A flag that indicates that this physical node *always*\r
-has this type - a node is only allowed to have one dynamic\r
-(ie. not flagged as static) type at a time, but any number\r
-of static types at a time\r
-element static { empty }?</a:documentation>\r
- <value>true</value>\r
- </attribute>\r
- </optional>\r
- <ref name="NodeTypeContents"/>\r
- </interleave>\r
- </element>\r
- </define>\r
- <define name="NodeTypeContents">\r
- <empty/>\r
- </define>\r
- <define name="LinkTypeSpec">\r
- <a:documentation>Link types are currently just a siple string. They will almost certainly \r
-have to get more complicated, for two reasons:\r
- First, I want to allow virtual links to specify more than one type, so\r
- that we can ask for links that are, say, 'ethernet or loopback'\r
- Second, I want to have a lot more control over links that get mapped to\r
- multi-hop paths\r
-TODO: MAYBE this should be combined with NodeTypeSpec</a:documentation>\r
- <element name="link_type">\r
- <attribute name="type_name"/>\r
- </element>\r
- </define>\r
- <define name="LinkEndPoints">\r
- <a:documentation>A link has two endpoints. Right now, they are order\r
-independent. But they might become order-dependant later.</a:documentation>\r
- <element name="source_interface">\r
- <a:documentation>First interface for this link</a:documentation>\r
- <ref name="InterfaceSpec"/>\r
- </element>\r
- <element name="destination_interface">\r
- <a:documentation>Second interface for this link</a:documentation>\r
- <ref name="InterfaceSpec"/>\r
- </element>\r
- </define>\r
- <define name="LinkCharacteristics">\r
- <a:documentation>Link characterstics which affect traffic.\r
-TODO: In the future, the bandwidth, latency, and packet loss will be\r
-moved to features and/or properties</a:documentation>\r
- <element name="bandwidth">\r
- <a:documentation>Bandwidth of the link in kbps</a:documentation>\r
- <data type="float">\r
- <param name="minExclusive">0.0</param>\r
- </data>\r
- </element>\r
- <element name="latency">\r
- <a:documentation>Latency of the link in ms</a:documentation>\r
- <data type="float">\r
- <param name="minInclusive">0.0</param>\r
- </data>\r
- </element>\r
- <element name="packet_loss">\r
- <a:documentation>Static packet loss probability of the link as a fraction\r
-(ie. 0.01 == 1%)</a:documentation>\r
- <data type="float">\r
- <param name="minInclusive">0.0</param>\r
- </data>\r
- </element>\r
- </define>\r
- <define name="FeatureDesireSpec">\r
- <a:documentation>"Legacy" assign features and desires - will be phased out in favor of\r
-properties</a:documentation>\r
- <element name="fd">\r
- <attribute name="fd_name">\r
- <a:documentation>Name of this feature or desire\r
-element fd_name { text },</a:documentation>\r
- </attribute>\r
- <attribute name="fd_weight">\r
- <a:documentation>Weight assocated with the feature or desire\r
-element fd_weight { xsd:float },</a:documentation>\r
- </attribute>\r
- <optional>\r
- <attribute name="violatable">\r
- <a:documentation>A flag indicating whether or not a failure to match the desire with a\r
-a feature is a constraint violation\r
-element violatable { empty }?,</a:documentation>\r
- <value>true</value>\r
- </attribute>\r
- </optional>\r
- <optional>\r
- <choice>\r
- <a:documentation>Type information expressed in features and desires</a:documentation>\r
- <ref name="GlobalSpec"/>\r
- <ref name="LocalSpec"/>\r
- </choice>\r
- </optional>\r
- </element>\r
- </define>\r
- <define name="GlobalSpec">\r
- <a:documentation>GlobalSpec = element global {\r
- element operator { "OnceOnly" | "FirstFree" }\r
-}</a:documentation>\r
- <attribute name="global_operator">\r
- <choice>\r
- <value>OnceOnly</value>\r
- <value>FirstFree</value>\r
- </choice>\r
- </attribute>\r
- </define>\r
- <define name="LocalSpec">\r
- <a:documentation>LocalSpec = element local {\r
- element operator { "+" }\r
- attribute local_operator { "+" }\r
-}</a:documentation>\r
- <attribute name="local_operator">\r
- <value>+</value>\r
- </attribute>\r
- </define>\r
- <define name="InterfaceSpec">\r
- <a:documentation>Interfaces\r
-InterfaceSpec = element interface { InterfaceContents }</a:documentation>\r
- <attribute name="node_name"/>\r
- <attribute name="interface_name"/>\r
- <optional>\r
- <attribute name="physical_node_name"/>\r
- </optional>\r
- <optional>\r
- <attribute name="physical_interface_name"/>\r
- </optional>\r
- <zeroOrMore>\r
- <ref name="PropertySpec"/>\r
- </zeroOrMore>\r
- </define>\r
- <define name="InterfaceContents">\r
- <element name="node_name">\r
- <a:documentation>Name of the node, which must match one of the nodes in this topology</a:documentation>\r
- <text/>\r
- </element>\r
- <element name="interface_name">\r
- <a:documentation>Name of the interface itself</a:documentation>\r
- <text/>\r
- </element>\r
- <zeroOrMore>\r
- <ref name="PropertySpec">\r
- <a:documentation>Properties of the interface</a:documentation>\r
- </ref>\r
- </zeroOrMore>\r
- </define>\r
- <define name="PropertySpec">\r
- <a:documentation>Properties - new: replacements for features and desires. Not yet implemented\r
-in assign, and not yet fully fleshed out in this schema.</a:documentation>\r
- <element name="property">\r
- <element name="property_name">\r
- <a:documentation>Name of this property</a:documentation>\r
- <text/>\r
- </element>\r
- <element name="property_value">\r
- <a:documentation>Value associated with this property\r
-TODO: Add ranges and other types from rspec</a:documentation>\r
- <choice>\r
- <text/>\r
- <data type="float"/>\r
- </choice>\r
- </element>\r
- <element name="property_penalty">\r
- <a:documentation>The penalty associated with this property</a:documentation>\r
- <data type="float">\r
- <param name="minInclusive">0.0</param>\r
- </data>\r
- </element>\r
- <optional>\r
- <element name="violatable">\r
- <a:documentation>If this flag is present, not having the property is considered a violation</a:documentation>\r
- <empty/>\r
- </element>\r
- </optional>\r
- <optional>\r
- <choice>\r
- <a:documentation>TODO: Add more operators - equality, range test, etc\r
-Flags for special types of operators</a:documentation>\r
- <ref name="GlobalSpec"/>\r
- <ref name="LocalSpec"/>\r
- </choice>\r
- </optional>\r
- </element>\r
- </define>\r
-</grammar>\r
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>
+ <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+ <!--
+
+ EMULAB-COPYRIGHT
+ Copyright (c) 2005-2007 University of Utah and the Flux Group.
+ All rights reserved.
+
+ -->
+ <!--
+
+ Definition of common data structures used for representing topologies -
+ shared between vtop (virtual topology) and ptop (physical topology)
+ formats.
+
+ -->
+ <xs:element name="node_type">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="NodeTypeContents">
+ <xs:attribute name="type_name" use="required">
+ <xs:annotation>
+ <xs:documentation>Name of the type - will almost certainly not be unique</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="type_slots" use="required">
+ <xs:annotation>
+ <xs:documentation>How many virtual nodes of this type this physical node can
+handle.</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:union>
+ <xs:simpleType>
+ <xs:restriction base="xs:integer">
+ <xs:minInclusive value="0"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="unlimited"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:union>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="static">
+ <xs:annotation>
+ <xs:documentation>element unlimited { empty }?,
+A flag that indicates that this physical node *always*
+has this type - a node is only allowed to have one dynamic
+(ie. not flagged as static) type at a time, but any number
+of static types at a time
+element static { empty }?</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="true"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="NodeTypeContents">
+ <xs:sequence>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="field"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:group name="LinkTypeSpec">
+ <xs:annotation>
+ <xs:documentation>Link types are currently just a siple string. They will almost certainly
+have to get more complicated, for two reasons:
+ First, I want to allow virtual links to specify more than one type, so
+ that we can ask for links that are, say, 'ethernet or loopback'
+ Second, I want to have a lot more control over links that get mapped to
+ multi-hop paths
+TODO: MAYBE this should be combined with NodeTypeSpec</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="link_type">
+ <xs:complexType>
+ <xs:attribute name="type_name" use="required"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:group>
+ <xs:group name="LinkEndPoints">
+ <xs:annotation>
+ <xs:documentation>A link has two endpoints. Right now, they are order
+independent. But they might become order-dependant later.</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element ref="source_interface"/>
+ <xs:element ref="destination_interface"/>
+ </xs:sequence>
+ </xs:group>
+ <xs:element name="source_interface" type="InterfaceSpec">
+ <xs:annotation>
+ <xs:documentation>First interface for this link</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="destination_interface" type="InterfaceSpec">
+ <xs:annotation>
+ <xs:documentation>Second interface for this link</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:group name="LinkCharacteristics">
+ <xs:annotation>
+ <xs:documentation>Link characterstics which affect traffic.
+TODO: In the future, the bandwidth, latency, and packet loss will be
+moved to features and/or properties</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element ref="bandwidth"/>
+ <xs:element ref="latency"/>
+ <xs:element ref="packet_loss"/>
+ </xs:sequence>
+ </xs:group>
+ <xs:element name="bandwidth">
+ <xs:annotation>
+ <xs:documentation>Bandwidth of the link in kbps</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:float">
+ <xs:minExclusive value="0.0"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="latency">
+ <xs:annotation>
+ <xs:documentation>Latency of the link in ms</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:float">
+ <xs:minInclusive value="0.0"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="packet_loss">
+ <xs:annotation>
+ <xs:documentation>Static packet loss probability of the link as a fraction
+(ie. 0.01 == 1%)</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:float">
+ <xs:minInclusive value="0.0"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="fd">
+ <xs:complexType>
+ <xs:attribute name="fd_name" use="required">
+ <xs:annotation>
+ <xs:documentation>Name of this feature or desire
+element fd_name { text },</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="fd_weight" use="required">
+ <xs:annotation>
+ <xs:documentation>Weight assocated with the feature or desire
+element fd_weight { xsd:float },</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="violatable">
+ <xs:annotation>
+ <xs:documentation>A flag indicating whether or not a failure to match the desire with a
+a feature is a constraint violation
+element violatable { empty }?,</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="true"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="global_operator">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OnceOnly"/>
+ <xs:enumeration value="FirstFree"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="local_operator">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="+"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ </xs:element>
+ <xs:attributeGroup name="GlobalSpec">
+ <xs:annotation>
+ <xs:documentation>GlobalSpec = element global {
+ element operator { "OnceOnly" | "FirstFree" }
+}</xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="global_operator" use="required">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OnceOnly"/>
+ <xs:enumeration value="FirstFree"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:attributeGroup>
+ <xs:attributeGroup name="LocalSpec">
+ <xs:annotation>
+ <xs:documentation>LocalSpec = element local {
+ element operator { "+" }
+ attribute local_operator { "+" }
+}</xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="local_operator" use="required">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="+"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:attributeGroup>
+ <xs:complexType name="InterfaceSpec">
+ <xs:annotation>
+ <xs:documentation>Interfaces
+InterfaceSpec = element interface { InterfaceContents }</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="property"/>
+ </xs:sequence>
+ <xs:attribute name="node_name" use="required"/>
+ <xs:attribute name="interface_name" use="required"/>
+ <xs:attribute name="physical_node_name"/>
+ <xs:attribute name="physical_interface_name"/>
+ </xs:complexType>
+ <xs:group name="InterfaceContents">
+ <xs:sequence>
+ <xs:element ref="node_name"/>
+ <xs:element ref="interface_name"/>
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="property">
+ <xs:annotation>
+ <xs:documentation>Properties of the interface</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:group>
+ <xs:element name="node_name" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Name of the node, which must match one of the nodes in this topology</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="interface_name" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Name of the interface itself</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="property">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="property_name"/>
+ <xs:element ref="property_value"/>
+ <xs:element ref="property_penalty"/>
+ <xs:element minOccurs="0" ref="violatable"/>
+ </xs:sequence>
+ <xs:attribute name="global_operator">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OnceOnly"/>
+ <xs:enumeration value="FirstFree"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="local_operator">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="+"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="property_name" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Name of this property</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="property_value" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Value associated with this property
+TODO: Add ranges and other types from rspec</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="property_penalty">
+ <xs:annotation>
+ <xs:documentation>The penalty associated with this property</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:float">
+ <xs:minInclusive value="0.0"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="violatable">
+ <xs:annotation>
+ <xs:documentation>If this flag is present, not having the property is considered a violation</xs:documentation>
+ </xs:annotation>
+ <xs:complexType/>
+ </xs:element>
+</xs:schema>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">
+ <xs:import schemaLocation="credential.xsd"/>
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>
+ <xs:attribute name="id" type="xs:ID">
+ <xs:annotation>
+ <xs:documentation>The ID for signature referencing.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+</xs:schema>