Adapt 19.698.4 <table:table>/table:protected:
Adapt 2nd sentence from
If the table is protected and the table:protection-key attribute is present, an authorization is required for resetting the protection flag to enable editing.
to
If the table is protected, the table:protection-key attribute can specify an authorization requirement for resetting the protection flag to enable editing.
19.699 table:protection-key: Adapt description to.
The table:protection-key attribute, when present, specifies that an authorization is required for removing the protection of a table, table cell or scenario. The authentication procedure is identified by the table:protection-key-digest-algorithm attribute 19.700. The attribute value is binary data that may be used by the authentication procedure.
19.700 protection-key-digest-algorithm: Replace first paragraph with:
The table:protection-key-digest-algorithm attribute value is an IRI that identifies an authentication procedure for removing a protection.
If the IRI identifies a message-digest algorithm specified in §5.7 of [xmlenc-core], the value of table:protection-key attribute shall be the hash value of the password that is required to authorize removal of the protection. The password shall be provided as a sequence of bytes in UTF-8 encoding.
Any other procedures, their identifying IRIs, and their application of table:protection-key values are implementation-defined.
Consumers shall support http://www.w3.org/2000/09/xmldsig#sha1, which is the default, and http://www.w3.org/2000/09/xmldsig#sha256. They may support other algorithms described in §5.7 of [xmlenc-core] or alternative procedures. Producers should use http://www.w3.org/2000/09/xmldsig#sha256, or an alternative procedure that is not based on storing passwords in any form, including hash-coded copies.
19.797 table:structure-protected. Replace first paragraph with:
The table:structure-protected attribute specifies whether a table is protected from the insertion, deletion, moving or renaming of tables in the document. If the table structure is protected and the table:protection-key attribute is present, an authorization is required for resetting the protection flag to enable editing.
19.851 text:protected Replace the note with
If the section is protected and the text:protection-key attribute is present, an authorization is required for resetting the protection flag to enable editing.
19:852 text:protection-key Adapt description to.
The text:protection-key attribute, when present, specifies that an authorization is required for removing the protection of a section. The authentication procedure is identified by the text:protection-key-digest-algorithm attribute 19.852. The attribute value is binary data that may be used by the authentication procedure.
19.852 text:protection-key-digest-algorithm Replace first paragraph with:
The text:protection-key-digest-algorithm attribute value is an IRI that identifies an authentication procedure for removing a protection.
If the IRI identifies a message-digest algorithm specified in §5.7 of [xmlenc-core], the value of text:protection-key attribute shall be the hash value of the password that is required to authorize removal of the protection. The password shall be provided as a sequence of bytes in UTF-8 encoding.
Any other procedures, their identifying IRIs, and their application of text:protection-key values are implementation-defined.
Consumers shall support http://www.w3.org/2000/09/xmldsig#sha1, which is the default, and http://www.w3.org/2000/09/xmldsig#sha256. They may support other algorithms described in §5.7 of [xmlenc-core] or alternative procedures. Producers should use http://www.w3.org/2000/09/xmldsig#sha256, or an alternative procedure that is not based on storing passwords in any form, including hash-coded copies.