XMLSec Library

XMLSec Library
XML-Signature Interoperability Report

Aleksey Sanin
March 14, 2002


Features and algorithms
Key Word
Support
Detached Signature
MUST
Y
Enveloping Signature: same document reference with fragment (URI="#Object1")
MUST
Y
Enveloped Signature: same document reference (URI="") with Enveloped Signature Transform .
MUST
Y
SignatureValue generation/validation
MUST
Y
Manifest DigestValue generation/valdiation
MAY
N
Feature: laxly schema valid Signature element generation
MUST
Y
XPointers '#xpointer(/)'
SHOULD
Y
XPointers '#xpointer(id("ID"))'
SHOULD
Y
XPointers (full support)
MAY
N
XPath
SHOULD
Y
the dsig XPath 'here()' function (can be used to implement enveloped signature)
SHOULD
Y
XSLT (note, the child XSLT element of Transform has been deprecated.)
MAY
N
RetrievalMethod (e.g., X509Data)
SHOULD
N
SHA1
MUST
Y
Base64
MUST
Y
HMAC-SHA1
MUST
Y
DSAwithSHA1
(DSS)

MUST
Y(*)
RSAwithSHA1
SHOULD
Y
X509 support
SHOULD
N
minimal (deprecated)
n/a
N
Canonical XML (20010315)
MUST
Y
Canonical XML with comments
SHOULD
Y
Exlusive Canonical XML
SHOULD
Y
Exlusive Canonical XML with comments
SHOULD
Y
Enveloped Signature
MUST
Y
 
 
 

(*) Defining DSA key with Seed and PgenCounter is not supported yet.

Test suites:
merlin-xmldsig-sixteen.tar.gz (features)
merlin-xmldsig-fifteen.tar.gz (algorithms)