blob: 0508d4d5d22d249e7d558b4bc946b0359216e1e5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
finalDefault="extension"
blockDefault="substitution"
version="2.0">
<xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
<xs:annotation>
<xs:documentation>
Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI
Document identifier: saml-schema-authn-context-smartcardpki-2.0
Location: http://docs.oasis-open.org/security/saml/v2.0/
Revision history:
V2.0 (March, 2005):
New authentication context class schema for SAML V2.0.
</xs:documentation>
</xs:annotation>
<xs:complexType name="AuthnContextDeclarationBaseType">
<xs:complexContent>
<xs:restriction base="AuthnContextDeclarationBaseType">
<xs:sequence>
<xs:element ref="Identification" minOccurs="0"/>
<xs:element ref="TechnicalProtection"/>
<xs:element ref="OperationalProtection" minOccurs="0"/>
<xs:element ref="AuthnMethod"/>
<xs:element ref="GoverningAgreements" minOccurs="0"/>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="ID" type="xs:ID" use="optional"/>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="AuthnMethodBaseType">
<xs:complexContent>
<xs:restriction base="AuthnMethodBaseType">
<xs:sequence>
<xs:element ref="PrincipalAuthenticationMechanism"/>
<xs:element ref="Authenticator"/>
<xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="TechnicalProtectionBaseType">
<xs:complexContent>
<xs:restriction base="TechnicalProtectionBaseType">
<xs:sequence>
<xs:choice>
<xs:element ref="PrivateKeyProtection"/>
</xs:choice>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="PrincipalAuthenticationMechanismType">
<xs:complexContent>
<xs:restriction base="PrincipalAuthenticationMechanismType">
<xs:sequence>
<xs:element ref="Smartcard"/>
<xs:element ref="ActivationPin"/>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="AuthenticatorBaseType">
<xs:complexContent>
<xs:restriction base="AuthenticatorBaseType">
<xs:sequence>
<xs:choice>
<xs:element ref="DigSig"/>
<xs:element ref="AsymmetricDecryption"/>
<xs:element ref="AsymmetricKeyAgreement"/>
</xs:choice>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="PrivateKeyProtectionType">
<xs:complexContent>
<xs:restriction base="PrivateKeyProtectionType">
<xs:sequence>
<xs:element ref="KeyActivation"/>
<xs:element ref="KeyStorage"/>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="KeyActivationType">
<xs:complexContent>
<xs:restriction base="KeyActivationType">
<xs:sequence>
<xs:element ref="ActivationPin"/>
</xs:sequence>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="KeyStorageType">
<xs:complexContent>
<xs:restriction base="KeyStorageType">
<xs:attribute name="medium" use="required">
<xs:simpleType>
<xs:restriction base="mediumType">
<xs:enumeration value="smartcard"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:restriction>
</xs:complexContent>
</xs:complexType>
</xs:redefine>
</xs:schema>
|
