Those signatures are still available in version 7.0, however, some are not enabled by default.
All Cisco signature pack comes with default "enabled" signature, and Cisco dynamically retired, disabled signature on new signature pack accordingly, and they were documented in the release notes of each signature pack update.
I have double checked the 4 enquired signatures on version 7.0.1(E3), and they are not retired.
However, some of them are disabled (you can manually enable them if you deem that your environment might still be affected by those signatures) --> normally they are disabled for a reason by development team (ie: no longer applicable).
From your list, please find the following:
- 3564/0 --> not retired, and enabled
- 4607/6 --> not retired, but disabled (4607/1 --> retired)
- 6203/1 --> not retired, but disabled
- 9401/2 --> not retired, but disabled
To check whether a particular signature is retired or not, you can go to Cisco SIO page (under signature search):
In terms of signature with sub-signature, 0 does not mean that it is the main signature. The sub-signature always starts from the number "0". Comparing sub-signature "0" and "1" for example, they will be inspecting different things within the same signature name, hence retiring sub-signature 0 is not dependant on other active/enabled sub-signature.