Trust Fabric Conformance Tests

From GFIPM Implementation Wiki
Revision as of 18:33, 6 April 2011 by Jeff.Krug (Talk | contribs)


GFIPM places numerous requirements on how members use SAML 2 Metadata. These are documented in both the GFIPM Web Browser User to System Profile and the GFIPM Cryptographic Trust Model. This page offers some techniques to help test conformance with these specifications.

Service Providers

Service Providers (SPs) must be able to consume the SAML 2 Metadata for an Identity Provider (IDP) in order to establish trust and to allow that IDP to authenticate users for the SP. The SP should validate this metadata. Within GFIPM, this validation is performed by requiring that the SAML 2 Metadata be digitally signed by a trusted Federation Manager. To test that your Service Provider is capable of validating metadata, you can use the following test metadata:

Reference Certificate Authority
Signed Reference IDP Metadata
Signed Reference Federation Metadata
IDP Metadata with Invalid Signature
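
A structural pre-check an SP test harness can run before cryptographic verification, confirming that the metadata root carries exactly one signature and that the signature's reference covers the root. This is an added example, not code from the GFIPM wiki or its specifications; the function name, sample documents and `idp.example.org` entity ID are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ROOTS = {f"{{{MD}}}EntityDescriptor", f"{{{MD}}}EntitiesDescriptor"}

def signature_precheck(xml_text):
    """Return structural problems that make a metadata document unverifiable.

    An empty list means "hand it to the cryptographic verifier"; it never
    means "trusted". No signature or certificate is checked here.
    """
    root = ET.fromstring(xml_text)
    if root.tag not in ROOTS:
        return [f"unexpected root element {root.tag}"]
    # Direct children only: a signature on a nested entity does not cover
    # the document the SP is about to consume.
    sigs = root.findall(f"{{{DS}}}Signature")
    if len(sigs) != 1:
        return [f"expected 1 ds:Signature on the root, found {len(sigs)}"]
    refs = sigs[0].findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference")
    if len(refs) != 1:
        return [f"expected 1 ds:Reference, found {len(refs)}"]
    uri, root_id = refs[0].get("URI"), root.get("ID")
    # "" references the whole document; otherwise it must name the root's ID.
    if uri != "" and (not root_id or uri != f"#{root_id}"):
        return [f"ds:Reference URI {uri!r} does not cover root ID {root_id!r}"]
    return []

# Constructed samples: signature values are omitted, only the shape matters.
def _doc(body, root="EntityDescriptor"):
    return (f'<md:{root} xmlns:md="{MD}" xmlns:ds="{DS}" ID="_root">'
            f'{body}</md:{root}>')

def _sig(uri):
    return (f'<ds:Signature><ds:SignedInfo><ds:Reference URI="{uri}"/>'
            f'</ds:SignedInfo></ds:Signature>')

SAMPLES = {
    "signed_root": _doc(_sig("#_root")),
    "unsigned": _doc(""),
    "wrong_reference": _doc(_sig("#_other")),
    "nested_only": _doc('<md:EntityDescriptor entityID="https://idp.example.org/">'
                        + _sig("#_root") + "</md:EntityDescriptor>",
                        root="EntitiesDescriptor"),
}

if __name__ == "__main__":
    for name, xml_text in SAMPLES.items():
        print(name, signature_precheck(xml_text) or "ok for signature verification")
```

A document such as the invalid-signature test file above is expected to pass this pre-check; only the cryptographic verification against the Federation Manager's certificate can reject it.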

Identity Providers

TBD