Notes about deviation from profile are not being stated in the DSGj profile

[ritikarawlani]

It is presumed that the deviations from the profile will yield implementations non-conformant to the DSGj profile and that doesn't need to be explicitly stated.

Repeated below is the content that was proposed but not included inthe chapter.

"Note that Content Creators and Content Consumers should be capable of being configured to other conformance policies to support local policy. For example, some environments may choose a different JAdES profile, hashing algorithm, policy identifier, or signature purpose vocabulary. Content Creators would thus create Digital Signature blocks that are not conformant to this profile. Content Consumers can validate these Digital Signature blocks, and be capable of configured behavior according to the local policy. Deviations from these guidelines would need to be expressed in site policy and would be enumerated in the JWS-Signature block. For example, some environments may choose a different hashing algorithm, policy identifier, or signature purpose vocabulary. Some regions also require conformance to ISO 17090, which includes additional Certificate issuing, content, and validation rules."