Features and algorithms
|
Key Word
|
XMLSec with OpenSSL |
XMLSec with GnuTLS(0) |
XMLSec with NSS(0) |
Detached Signature
|
MUST
|
Y
|
Y
|
Y
|
Enveloping Signature: same document reference with fragment
(URI="#Object1")
|
MUST
|
Y
|
Y
|
Y
|
Enveloped Signature: same document reference (URI="") with
Enveloped Signature Transform .
|
MUST
|
Y
|
Y
|
Y
|
SignatureValue generation/validation
|
MUST
|
Y
|
Y
|
Y
|
Manifest
DigestValue generation/valdiation
|
MAY |
Y
|
Y
|
Y
|
Feature: laxly
schema valid Signature element generation
|
MUST
|
Y
|
Y
|
Y
|
XPointers '#xpointer(/)'
|
SHOULD
|
Y
|
Y
|
Y
|
XPointers '#xpointer(id("ID"))'
|
SHOULD
|
Y
|
Y
|
Y
|
XPointers: full suppport |
MAY
|
Y
|
Y
|
Y
|
XPath
|
SHOULD
|
Y
|
Y
|
Y
|
the dsig XPath
'here()' function (can be used to implement enveloped signature)
|
SHOULD
|
Y
|
Y
|
Y
|
XSLT (note, the child
XSLT element of Transform has been deprecated.)
|
MAY
|
Y
|
Y
|
Y
|
RetrievalMethod (e.g.,
X509Data)
|
SHOULD
|
Y
|
Y
|
Y
|
SHA1
|
MUST
|
Y
|
Y
|
Y
|
Base64
|
MUST
|
Y
|
Y
|
Y
|
HMAC-SHA1
|
MUST
|
Y
|
Y
|
Y
|
DSAwithSHA1
(DSS)
|
MUST
|
Y(1)
|
N
|
N
|
RSAwithSHA1
|
SHOULD
|
Y
|
N
|
N
|
X509 support
|
SHOULD
|
Y
|
N
|
N
|
minimal
(deprecated)
|
n/a
|
N
|
N
|
N
|
Canonical XML
(20010315)
|
MUST
|
Y
|
Y
|
Y
|
Canonical XML
with comments
|
SHOULD
|
Y
|
Y
|
Y
|
Exlusive
Canonical XML
|
SHOULD
|
Y
|
Y
|
Y
|
Exlusive
Canonical XML with comments
|
SHOULD
|
Y
|
Y
|
Y
|
Enveloped Signature
|
MUST
|
Y
|
Y
|
Y
|
Additional algorithms (
* )
|
|
|
|
|
HMAC-MD5
|
|
Y
|
Y
|
Y
|
HMAC-RIPEMD160
|
|
Y
|
Y
|
Y
|
XPointer transform
|
|
Y
|
Y
|
Y
|