[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
current SPKI BNF
Here's the current SPKI BNF, from my working copy of the draft:
4.1 BNF of SPKI Objects
The following defines an SPKI certificate and related objects,
expressed here in pseudo-BNF -- with "*" meaning closure (0 or more
occurrences) and "?" meaning optional (0 or 1 occurrence). At the
top level (not used internally in any other object) are the following
three objects. Other objects, such as <pub-key>, might also occur at
a top level, to be hashed and referred to by hash.
<cert-body>:: "(" "certificate" <version>? <issuer> <issuer-loc>?
<subject> <subject-loc>? <deleg>? <auth> <comments>* <valid> ")" ;
<sig>:: "(" "signed" <sobj> <principal> <sig-val> ")" ;
<bundle>:: "(" "bundle" <s-expression>* ")" ;
<acl>:: "(" "acl" <subj-tag>* ")" ;
Note that the fields in a <cert-body> don't need to be in the order
given by the BNF, because they are all self-identified, but we
recommend that they be given in that order, for human readability.
Defined below are the other elements of this BNF description.
<auth>:: "(" "tag" ")" | "(" "tag" <tag-body> ")" ;
<comments>:: "(" "comment" byte-string* ")" ;
<deleg-style>:: "to-key" | "no" | "yes" ;
<deleg>:: "(" "propagate" <deleg-style> ")" ;
<fq-name>:: "(" "ref" <principal> <names> ")" ;
<hash-alg-name>:: byte-string ;
<hash-of-key>:: <hash> ;
<hash-value>:: byte-string ;
<hash>:: "(" "hash" <hash-alg-name> <hash-value> <uri>? ")" ;
<int>:: byte-string ;
<issuer-loc>:: "(" "issuer-info" <uri> <param>* ")"
<issuer-name>:: <principal> | <simple-name> ;
<issuer>:: "(" "issuer" <issuer-name> ")" ;
<keyholder>:: "(" "keyholder" <principal> ")" ;
<name>:: <relative-name> | <fq-name> ;
<names>:: byte-string | <names> byte-string ;
<not-after>:: "(" "not-after" <date> ")" ;
<not-before>:: "(" "not-before" <date> ")" ;
<obj>:: "(" "object" byte-string ")" ;
<online-test>:: "(" "online" <byte-string> <uri> <param>* ")" ;
<ordering>:: "alpha" | "numeric" | "date" ;
<param>:: byte-string | <s-expression> ;
<principal>:: <pub-key> | <hash-of-key> ;
<pub-key>:: "(" "public-key" <pub-sig-alg-and-key> ")" ;
<pub-sig-alg-and-key>:: TBD
<range-comparison>:: "<" | "<=" | ">" | ">=" ;
<range-limit>:: <range-comparison> byte-string ;
<relative-name>:: "(" "ref" <names> ")" ;
<s-expression>:: "(" byte-string <param>* ")" ;
<sec-sig-alg-and-key>:: TBD
<secret-sig-key>:: "(" "secret-key" <sec-sig-alg-and-key> ")" ;
<set-param>:: "(" "*" "set" <set-param>* ")" | "(" "*" "null" ")" |
"(" "*" "intersect" <set-param>* ")" | "(" "*" "range" <ordering>
<range-limit>* ")" | "(" "*" "prefix" byte-string ")" ;
<set-tag>:: "(" "*" "set" <simple-tag>* ")" | "(" "*" <set-type>
<simple-tag> ")" ;
<set-type>:: "reorder" | "reorder-insert" | "reorder-delete" |
"append" ;
<sig-val>:: <param> ;
<simple-name>:: "(" "ref" <principal> byte-string ")" ;
<simple-tag>:: "(" byte-string <tag-param>* ")" ;
<sobj>:: <hash> | <obj> ;
<subj-names>:: "(" "subject-names" <name>* ")" ;
<subj-obj>:: <principal> | <relative-name> | <hash> | <secret-sig-
key> | <keyholder> ;
<subj-tag>:: <subj-names> <auth> ;
<subject-loc>:: "(" "subject-info" <uri> <param>* ")" ;
<subject>:: "(" "subject" <subj-obj> ")" ;
<tag-body>:: <simple-tag> | <set-tag> ;
<tag-param>:: <param> | <set-param> ;
<uri>:: byte-string ;
<valid>:: <not-before>? <not-after>? <online-test>* ;
<version>:: "(" "version" <int> ")" ;
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+