Trust Fabric Conformance Tests
From GFIPM Implementation Wiki
GFIPM has numerous requirements associated with how members use SAML 2 Metadata documented in both the GFIPM Web Browser User to System Profile and the GFIPM Cryptographic Trust Model. This page offers some techniques to help test conformance with these various specifications.
Service Providers
Service Providers must be able to consume the SAML 2 Metadata for an Identity Provider in order to establish trust and to allow that IDP to authenticate users for the SP. The SP should validate this metadata. Within GFIPM this validation is by requiring the SAML 2 Metadata be digitally signed by a trusted Federation Manager. To test that your service provider is capable of validating metadata, you can use the following test metadata:
Reference Certificate Authority Signed Reference IDP Metadata Signed Reference Federation Metadata IDP Metadata with Invalid Signature
Identity Providers
TBD