Features and algorithms
|
Key Word
|
Support
|
Detached Signature
|
MUST
|
Y
|
Enveloping Signature: same document reference
with fragment (URI="#Object1")
|
MUST
|
Y
|
Enveloped Signature: same document reference
(URI="") with
Enveloped Signature Transform .
|
MUST
|
Y
|
SignatureValue generation/validation
|
MUST
|
Y
|
Manifest DigestValue generation/valdiation
|
MAY |
Y
|
Feature:
laxly schema valid Signature element generation
|
MUST
|
Y
|
XPointers '#xpointer(/)'
|
SHOULD
|
Y
|
XPointers '#xpointer(id("ID"))'
|
SHOULD
|
Y
|
XPath
|
SHOULD
|
Y
|
the dsig
XPath 'here()' function (can be used to implement
enveloped signature)
|
SHOULD
|
Y
|
XSLT (note, the child
XSLT element of Transform has been
deprecated.)
|
MAY
|
Y
|
RetrievalMethod (e.g.,
X509Data)
|
SHOULD
|
Y
|
SHA1
|
MUST
|
Y
|
Base64
|
MUST
|
Y
|
HMAC-SHA1
|
MUST
|
Y
|
DSAwithSHA1
(DSS)
|
MUST
|
Y(*)
|
RSAwithSHA1
|
SHOULD
|
Y
|
X509 support
|
SHOULD
|
Y
|
minimal (deprecated)
|
n/a
|
N
|
Canonical XML (20010315)
|
MUST
|
Y
|
Canonical XML with comments
|
SHOULD
|
Y
|
Exlusive Canonical XML
|
SHOULD
|
Y
|
Exlusive Canonical XML with comments
|
SHOULD
|
Y
|
Enveloped Signature
|
MUST
|
Y
|
Additional algorithms
(*)
|
|
|
HMAC-MD5
|
|
Y
|
HMAC-RIPEMD160
|
|
Y
|