The first example is of a single signature that tests the referencing and processing model, including detached, enveloped, and envoloping signature; transforms; XPointers; XSLT; and Manifests.
| Application Features | Key Word | DataPower | |
| Detached Signature | MUST | Y1 Y2 | |
| Enveloping Signature: same document reference with fragment (URI="#Object1") | MUST | Y1 Y2 | |
| Enveloped Signature: same document reference (URI="") with Enveloped Signature Transform. | MUST | Y1 Y2 | |
SignatureValue
generation/validation |
MUST | Y1 Y2 | |
Manifest
DigestValue generation/valdiation |
MAY | N | |
Feature: laxly schema
valid Signature element generation |
MUST | Y1 Y2 | |
| XPointers '#xpointer(/)' | SHOULD | N | |
| XPointers '#xpointer(id("ID"))' | SHOULD | N | |
| XPath | SHOULD | Y1 Y2 | |
| the dsig XPath 'here()' function (can be used to implement enveloped signature) | SHOULD | N | |
XSLT (note, the child XSLT element
of Transform has been deprecated.) |
MAY | Y1 Y2 | |
| RetrievalMethod (e.g., X509Data) | SHOULD | N | |
| Algorithms | Key Word | DataPower | |
| Digest | SHA1 | MUST | Y1 Y2 |
| Encoding | Base64 | MUST | Y1 Y2 |
| MAC | HMAC-SHA1 | MUST | Y1 Y2 |
| Signature | DSAwithSHA1 (DSS) |
MUST | Y1 Y2 |
| RSAwithSHA1 | SHOULD | Y1 Y2 | |
| Canonicalization | minimal (deprecated) | n/a | N |
| Canonical XML (20010315) | MUST | Y1 Y2 | |
| Canonical XML with comments | SHOULD | Y1 Y2 | |
| Signature Transform | Enveloped Signature | MUST | Y1 Y2 |