diff --git a/etc/cyclonedds.xsd b/etc/cyclonedds.xsd
index 867f95b..3bd9a64 100644
--- a/etc/cyclonedds.xsd
+++ b/etc/cyclonedds.xsd
@@ -7,7 +7,7 @@ CycloneDDS configuration
-
+
@@ -17,17 +17,18 @@ CycloneDDS configuration
<p>The General element specifying Domain related settings.</p>
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
<p>This element is used to set thread properties.</p>
@@ -38,8 +39,8 @@ CycloneDDS configuration
-
-
+
+
@@ -146,6 +147,405 @@ though there is no good reason not to.</li></ul>
+
+
+
+<p>This element is used to configure Cyclone DDS with the DDS Security
+specification plugins and settings.</p>
+
+
+
+
+
+
+
+
+
+
+
+
+<p>This element configures the Access Control plugin of the DDS Security
+specification.</p>
+
+
+
+
+
+
+
+RELOFF (cfg.access_control_plugin), pf_string, BLURB("<p>This element
+specifies the library to be loaded as the DDS Security Access Control
+plugin.</p>
+
+
+
+
+
+
+RELOFF (cfg.access_control_plugin.library_finalize), pf_string,
+BLURB("<p>This element names the finalization function of Access Control
+plugin. This function is called to let the plugin release its
+resources.</p>
+
+
+
+
+
+
+RELOFF (cfg.access_control_plugin.library_init), pf_string,
+BLURB("<p>This element names the initialization function of Access
+Control plugin. This function is called after loading the plugin library
+for instantiation purposes. Init function must return an object that
+implements DDS Security Access Control interface.</p>
+
+
+
+
+
+
+RELOFF (cfg.access_control_plugin.library_path), pf_string,
+BLURB("<p>This element points to the path of Access Control plugin
+library.</p>
+
+<p>It can be either absolute path excluding file extension (
+/usr/lib/dds_security_ac ) or single file without extension (
+dds_security_ac ).</p>
+
+<p>If single file is supplied, the library located by way of the current
+working directory, or LD_LIBRARY_PATH for Unix systems, and PATH for
+Windows systems.</p>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+RELOFF (cfg.access_control_properties.governance), pf_string,
+BLURB("<p>URI to the shared Governance Document signed by the Permissions
+CA in S/MIME format</p>
+
+<p>URI schemes: file, data</p><br>
+
+<p>Examples file URIs:</p>
+
+<p><Governance>file:governance.smime</Governance></p>
+
+<p><Governance>file:/home/myuser/governance.smime</Governance></p><br>
+
+<p><Governance><![CDATA[data:,MIME-Version: 1.0</p>
+
+<p>Content-Type: multipart/signed;
+protocol="application/x-pkcs7-signature"; micalg="sha-256";
+boundary="----F9A8A198D6F08E1285A292ADF14DD04F"</p>
+
+<p>This is an S/MIME signed message </p>
+
+<p>------F9A8A198D6F08E1285A292ADF14DD04F</p>
+
+<p><?xml version="1.0" encoding="UTF-8"?></p>
+
+<p><dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"</p>
+
+<p>xsi:noNamespaceSchemaLocation="omg_shared_ca_governance.xsd"></p>
+
+<p><domain_access_rules></p>
+
+<p> . . . </p>
+
+<p></domain_access_rules></p>
+
+<p></dds></p>
+
+<p>...</p>
+
+<p>------F9A8A198D6F08E1285A292ADF14DD04F</p>
+
+<p>Content-Type: application/x-pkcs7-signature; name="smime.p7s"</p>
+
+<p>Content-Transfer-Encoding: base64</p>
+
+<p>Content-Disposition: attachment; filename="smime.p7s"</p>
+
+<p>MIIDuAYJKoZIhv ...al5s=</p>
+
+<p>------F9A8A198D6F08E1285A292ADF14DD04F-]]</Governance></p>
+
+
+
+
+
+
+RELOFF (cfg.access_control_properties.permissions), pf_string,
+BLURB("<p>URI to the DomainParticipant permissions document signed by the
+Permissions CA in S/MIME format</p>
+
+<p>The permissions document specifies the permissions to be applied to a
+domain.</p><br>
+
+<p>Example file URIs:</p>
+
+<p><Permissions>file:permissions_document.p7s</Permissions></p>
+
+<p><Permissions>file:/path_to/permissions_document.p7s</Permissions></p>
+
+<p>Example data URI:</p>
+
+<p><Permissions><![CDATA[data:,.........]]</Permissions></p>
+
+
+
+
+
+
+RELOFF (cfg.access_control_properties.permissions_ca), pf_string,
+BLURB("<p>URI to a X509 certificate for the PermissionsCA in PEM
+format.</p>
+
+<p>Supported URI schemes: file, data</p>
+
+<p>The file and data schemas shall refer to a X.509 v3 certificate (see
+X.509 v3 ITU-T Recommendation X.509 (2005) [39]) in PEM format.</p><br>
+
+<p>Examples:</p><br>
+
+<p><PermissionsCA>file:permissions_ca.pem</PermissionsCA></p>
+
+<p><PermissionsCA>file:/home/myuser/permissions_ca.pem</PermissionsCA></p><br>
+
+<p><PermissionsCA>data:<strong>,</strong>-----BEGIN CERTIFICATE-----</p>
+
+<p>MIIC3DCCAcQCCQCWE5x+Z ... PhovK0mp2ohhRLYI0ZiyYQ==</p>
+
+<p>-----END CERTIFICATE-----</PermissionsCA></p>
+
+
+
+
+
+
+<p>This element configures the Authentication plugin of the DDS Security
+specification.</p>
+
+
+
+
+
+
+
+
+RELOFF (cfg.authentication_plugin), pf_string, BLURB("<p>This element
+specifies the library to be loaded as the DDS Security Access Control
+plugin.</p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_plugin.library_finalize), pf_string,
+BLURB("<p>This element names the finalization function of Authentication
+plugin. This function is called to let the plugin release its
+resources.</p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_plugin.library_init), pf_string,
+BLURB("<p>This element names the initialization function of
+Authentication plugin. This function is called after loading the plugin
+library for instantiation purposes. Init function must return an object
+that implements DDS Security Authentication interface.</p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_plugin.library_path), pf_string,
+BLURB("<p>This element points to the path of Authentication plugin
+library.</p>
+
+<p>It can be either absolute path excluding file extension (
+/usr/lib/dds_security_auth ) or single file without extension (
+dds_security_auth ).</p>
+
+<p>If single file is supplied, the library located by way of the current
+working directory, or LD_LIBRARY_PATH for Unix systems, and PATH for
+Windows systems.</p>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+RELOFF (cfg.authentication_properties.identity_ca), pf_string,
+BLURB("<p>URI to the X509 certificate [39] of the Identity CA that is the
+signer of Identity Certificate.</p>
+
+<p>Supported URI schemes: file, data</p>
+
+<p>The file and data schemas shall refer to a X.509 v3 certificate (see
+X.509 v3 ITU-T Recommendation X.509 (2005) [39]) in PEM format.</p>
+
+<p>Examples:</p>
+
+<p><IdentityCA>file:identity_ca.pem</IdentityCA></p>
+
+<p><IdentityCA>data:,-----BEGIN CERTIFICATE-----<br>
+
+MIIC3DCCAcQCCQCWE5x+Z...PhovK0mp2ohhRLYI0ZiyYQ==<br>
+
+-----END CERTIFICATE-----</IdentityCA></p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_properties.identity_certificate), pf_string,
+BLURB("<p>Identity certificate that will be used for identifying all
+participants in the OSPL instance.<br>The content is URI to a X509
+certificate signed by the IdentityCA in PEM format containing the signed
+public key.</p>
+
+<p>Supported URI schemes: file, data</p>
+
+<p>Examples:</p>
+
+<p><IdentityCertificate>file:participant1_identity_cert.pem</IdentityCertificate></p>
+
+<p><IdentityCertificate>data:,-----BEGIN CERTIFICATE-----<br>
+
+MIIDjjCCAnYCCQDCEu9...6rmT87dhTo=<br>
+
+-----END CERTIFICATE-----</IdentityCertificate></p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_properties.password), pf_string, BLURB("<p>A
+password used to decrypt the private_key.</p>
+
+The value of the password property shall be interpreted as the Base64
+encoding of the AES-128 key that shall be used to decrypt the private_key
+using AES128-CBC.</p>
+
+If the password property is not present, then the value supplied in the
+private_key property must contain the unencrypted private key. </p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_properties.private_key), pf_string,
+BLURB("<p>URI to access the private Private Key for all of the
+participants in the OSPL federation.</p>
+
+<p>Supported URI schemes: file, data</p>
+
+<p>Examples:</p>
+
+<p><PrivateKey>file:identity_ca_private_key.pem</PrivateKey></p>
+
+<p><PrivateKey>data:,-----BEGIN RSA PRIVATE KEY-----<br>
+
+MIIEpAIBAAKCAQEA3HIh...AOBaaqSV37XBUJg==<br>
+
+-----END RSA PRIVATE KEY-----</PrivateKey></p>
+
+
+
+
+
+
+RELOFF (cfg.authentication_properties.trusted_ca_dir), pf_string,
+BLURB("<p>Trusted CA Directory which contains trusted CA certificates as
+separated files.</p>
+
+
+
+
+
+
+<p>This element configures the Cryptographic plugin of the DDS Security
+specification.</p>
+
+
+
+
+
+
+RELOFF (cfg.cryptography_plugin), pf_string, BLURB("<p>This element
+specifies the library to be loaded as the DDS Security Cryptographic
+plugin.</p>
+
+
+
+
+
+
+RELOFF (cfg.cryptography_plugin.library_finalize), pf_string,
+BLURB("<p>This element names the finalization function of Cryptographic
+plugin. This function is called to let the plugin release its
+resources.</p>
+
+
+
+
+
+
+RELOFF (cfg.cryptography_plugin.library_init), pf_string, BLURB("<p>This
+element names the initialization function of Cryptographic plugin. This
+function is called after loading the plugin library for instantiation
+purposes. Init function must return an object that implements DDS
+Security Cryptographic interface.</p>
+
+
+
+
+
+
+RELOFF (cfg.cryptography_plugin.library_path), pf_string, BLURB("<p>This
+element points to the path of Cryptographic plugin library.</p>
+
+<p>It can be either absolute path excluding file extension (
+/usr/lib/dds_security_crypto ) or single file without extension (
+dds_security_crypto ).</p>
+
+<p>If single file is supplied, the library located by way of the current
+working directory, or LD_LIBRARY_PATH for Unix systems, and PATH for
+Windows systems.</p>
+
+
+
+
+
+
+
+
+