A company is required to submit requests to an SOA application within a partner's environment. The company is deploying a DataPower device for outbound Web services traffic. The partner requires digital signatures for all incoming messages. The company has an internal Certificate Authority and a copy of it's X.509 signer certificate, and a public and private X.509 key pair created and signed by the internal Certificate Authority. 
How should this company provide for this requirement?

A.Add a Sign Action to the default request rule using the company's public and private X.509 keys
     
B.Add a Verify Action to the default request rule, using the company's public and private X.509 keys, supply the Certificate Authorities X.509 signer certificate to the partner
     
C.Add a Sign Action to the default response rule using the company's public and private X.509 keys
     
D.Add a Verify Action to the default response rule, using the company's public and private X.509 keys, supply the Certificate Authorities X.509 signer certificate to the partner
     
E.No action required, non-repudiation is performed automatically in a WS-Proxy
 
No action required, non-repudiation is performed automatically in a WS-Proxy