This library was written to support the NeuClear project. As such most of the features of our support of the standard are designed to support the needs of this project. We provide interoperability of all the features that we need and then some. However we do not offer full interoperability as there are features that we will never use in NeuClear. If anyone wants to implement them, please let us know and we will happily include them.
Missing features as required by the W3C Standard on XML Signatures are:
|
Features and algorithms
|
Key Word
| NeuClear XMLSig version 0.6 |
|
Detached Signature
| MUST
| Y
|
|
Enveloping Signature: same document reference with fragment (URI="#Object1")
| MUST
| Y
|
|
Enveloped Signature: same document reference (URI="") with
Enveloped Signature Transform .
| MUST
| Y
|
|
SignatureValue generation/validation
| MUST
| Y
|
|
Manifest DigestValue
generation/valdiation
| MAY | N
|
| Feature:
laxly schema valid
Signature element generation
| MUST
| Y
|
|
XPointers
'#xpointer(/)'
| SHOULD
| Y
|
|
XPointers
'#xpointer(id("
ID"))'
| SHOULD
| N
|
| XPointers: full suppport | MAY
| N
|
|
XPath
| SHOULD
| Y
|
| the dsig
XPath 'here()'
function (can be used to implement enveloped signature)
| SHOULD
| Y
|
XSLT (note, the child
XSLT
element of Transform has been deprecated.)
| MAY
| N
|
| RetrievalMethod (e.g., X509Data)
| SHOULD
| N
|
|
SHA1
| MUST
| Y
|
|
Base64
| MUST
| N
|
|
HMAC-SHA1
| MUST
| N
|
|
DSAwithSHA1
(DSS) | MUST
| Y
|
|
RSAwithSHA1
| SHOULD
| Y
|
| X509 support
| SHOULD
| Limited to verifying with embedded X509 certificates.
|
|
minimal (deprecated)
| n/a
| N
|
|
Canonical XML
(20010315)
| MUST
| Y
|
|
Canonical XML
with comments
| SHOULD
| Y
|
|
Exlusive Canonical
XML
| SHOULD
| N
|
|
Exlusive Canonical
XML with comments
| SHOULD
| N
|
|
Enveloped Signature
| MUST
| Y
|