I4:Information Card Identity Selector Features
{{#vardefine:DtArticleSortKey|}}
Feature-Basic use of Self-Issued Information Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of Self-Issued Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of Self-Issued Information Card - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for self-issued cards containing claims maintained by the user. | Verify correct communication of self-issued claim values | Required and selected optional claims delivered | Additional claims delivered or some selected claims not delivered |
Tests
I4:FeatureTest-Selector Use with Self-Issued Cards
Feature-Basic use of PIN-protected Self-Issued Information Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of PIN-protected Self-Issued Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of PIN-protected Self-Issued Information Card - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for self-issued cards protected by a user-set PIN number | Use a self-issued information card protected by a PIN number | Required and selected optional claims delivered | Additional claims delivered or some selected claims not delivered |
Tests
I4:FeatureTest-Selector PIN-protection of Cards
Feature-Basic use of Managed Card backed by Self-Issued Information Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of Managed Card backed by Self-Issued Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of Managed Card backed by Self-Issued Information Card - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a self-issued card. | Create a managed card backed by a self-issued card, import it into the Selector, and use it at a relying party. | Works | Fails |
Tests
I4:FeatureTest-Selector with card-backed Managed Cards
Feature-Basic use of Managed Card backed by X.509 Certificate
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of Managed Card backed by X.509 Certificate|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of Managed Card backed by X.509 Certificate - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Support for import and use of a managed card backed by an X.509 certificate | Create a managed card backed by an X.509 certificate, import it into the Selector, and use it at a relying party. | Works | Fails |
Tests
I4:FeatureTest-Selector Support for Managed Card backed by X.509 Certificate
Feature-Basic use of Managed Card backed by Kerberos
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of Managed Card backed by Kerberos|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of Managed Card backed by Kerberos - Maturity: Emerging {{#if: | ({{{maturity_date}}} ) }} | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a Kerberos ticket | Create a managed card backed by a Kerberos ticket, import it into the Selector, and use it at a relying party. | Works or fails with actionable error message | Fails |
Tests
Implementation priority: medium
Feature-Basic use of Managed Card backed by Username and Password
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Basic use of Managed Card backed by Username and Password|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Basic use of Managed Card backed by Username and Password - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a username and password | Create a managed card backed by a password, import it into the Selector, and use it at a relying party. | Possible to specify a password and complete the transaction | Error or unable to specify a password |
Tests
I4:FeatureTest-Selector with UNPW-backed Managed Cards
Feature-Support for Auditing Cards
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Auditing Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Auditing Cards - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Cards with mandatory RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card with mandatory RequireAppliesTo. | If AppliesTo supplied by RP, send AppliesTo value from RP policy in token request to IP. If not supplied, send the RP endpoint to which token will be sent as the value of AppliesTo in token request to IP. | Other behaviors |
Tests
I4:FeatureTest-Selector Support for Auditing Cards
Feature-Support for Auditing-Optional Cards
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Auditing-Optional Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Auditing-Optional Cards - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Cards with optional RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card with optional RequireAppliesTo. | If AppliesTo supplied by RP, send AppliesTo value from RP policy in token request to IP. If not supplied, do not send AppliesTo in token request to IP. | Other behaviors |
Tests
I4:FeatureTest-Selector Support for Auditing-Optional Cards
Feature-Support for Non-Auditing Cards
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Non-Auditing Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Non-Auditing Cards - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Cards without RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card without RequireAppliesTo | If AppliesTo supplied by RP, fail with actionable error message. If not, Do not send AppliesTo in token request to IP. | Other behaviors |
Tests
I4:FeatureTest-Selector Support for Non-Auditing Cards
Feature-Cards Supporting Multiple Token Types
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Cards Supporting Multiple Token Types|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Cards Supporting Multiple Token Types - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| As per ISIP § 4.1.1.3 | Import and use card capable of offering multiple token types | Token type requested is delivered | Card fails to match for some token types. Token of wrong type delivered. |
Tests
Implementation priority: medium
Feature-Cards Supporting Multiple Authentication Methods
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Cards Supporting Multiple Authentication Methods|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Cards Supporting Multiple Authentication Methods - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| As per ISIP § 4.1.1.2 | Import and use card supporting multiple authentication methods | Selector uses all endpoints in order until one succeeds | Only first endpoint tried |
Tests
I4:FeatureTest-Selector Support for Cards with Multiple Authentication Methods
Feature-Import .crd file containing Managed Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Import .crd file containing Managed Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Import .crd file containing Managed Card - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| A single card can be imported from a .crd file | Import card from .crd file | Successful card import | Error or Exception |
Tests
I4:FeatureTest-Selector Import of .crd Files
Feature-Export one or more Cards to .crds file
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Export one or more Cards to .crds file|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Export one or more Cards to .crds file - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Cards can be exported to the .crds file format | Export cards to .crds file | Successful Export | Error or Exception |
Tests
I4:FeatureTest-Selector Export of .crds Files
Feature-Import Cards from .crds file
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Import Cards from .crds file|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Import Cards from .crds file - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Cards can be imported from the .crds file format. | Import a valid .crds file | Successful Import | Error or Exception |
Tests
I4:FeatureTest-Selector Import of .crds Files
Feature-Relying Party specific identifiers constructed for Self-Issued Cards and standard SSL Relying Party certificate
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party specific identifiers constructed for Self-Issued Cards and standard SSL Relying Party certificate|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards and standard SSL Relying Party certificate - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Privatepersonalidentifier, signing key, and if present, friendly identifier must be compatible for sites using a standard SSL Certificate as per ISIP § 8.6, 4.3.4 | Use a self-issued card at an RP site using Standard SSL certificates and assess correctness of identifiers created. | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I4:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Relying Party specific identifiers constructed for Self-Issued Cards and EV SSL Relying Party certificate
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party specific identifiers constructed for Self-Issued Cards and EV SSL Relying Party certificate|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards and EV SSL Relying Party certificate - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier if present must be compatible for EV SSL sites for self-issued cards as per ISIP § 8.6, 4.3.4 | Use an information card at a site with an EV certificate and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I4:FeatureTest-Selector PPID Construction for RP using EV SSL
Feature-Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo supplied
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo supplied|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo supplied - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier if present must be compatible for sites providing a wsp:AppliesTo element for self-issued cards as per ISIP § 8.6, 4.3.4 | Use an information card at a site known to provide wsp:AppliesTo element and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I4:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo not supplied
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo not supplied|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo not supplied - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, ClientPseudonym handling, and friendly identifier if present must be compatible for sites not providing an wsp:AppliesTo element as per ISIP § 8.6, 4.3.4 | Use an information card at a site known to not provide wsp:AppliesTo element and verify the resulting PPID and friendly ID. Because web relying parties supply AppliesTo information, this test must use a Relying Party STS. | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
Implementation priority: medium
Feature-Retrieval and display of Display Token values for Managed Cards
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Retrieval and display of Display Token values for Managed Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Retrieval and display of Display Token values for Managed Cards - Maturity: Established {{#if: I2 | (I2 ) }} | |||
|---|---|---|---|
| Correctly show the display token values provided with a token by an Identity Provider from the Identity Selector as per ISIP § 4.3.6 | Retrieve managed card attributes from within an Identity Selector, and compare results to what is passed to an RP | Displays current token correctly. | Other behavior |
Tests
I4:FeatureTest-Selector Display of Managed Card Display Tokens
Feature-Display Identity Provider Privacy Policy from Managed Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Identity Provider Privacy Policy from Managed Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Identity Provider Privacy Policy from Managed Card - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Display from the Selector a link to the IdP privacy policy, if present in a managed card as per ISIP § 4.1.1.6 | Attempt to view the privacy policy for a managed card with a known embedded value | Link is displayed, matches value in card | Link not displayed, value doesn’t match |
Tests
I4:FeatureTest-Selector Display of IdP PrivacyPolicy
Feature-Display Relying Party Privacy Policy
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Relying Party Privacy Policy|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Relying Party Privacy Policy - Maturity: Established {{#if: I2 | (I2 ) }} | |||
|---|---|---|---|
| Display from the Selector a link to the RP privacy policy as per ISIP § 3.2 | Attempt to view the privacy policy for an RP with a known available value | Link is displayed, matches value in card | Link not displayed, value doesn’t match |
Tests
I4:FeatureTest-Selector Display of RP Privacy Policy
Feature-Display Relying Party Certificate Details on Initial Relying Party Site Access
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Relying Party Certificate Details on Initial Relying Party Site Access|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Relying Party Certificate Details on Initial Relying Party Site Access - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Show standard certificate detail information on first access to an RP | Access an RP Site unknown to the Selector, but known to use a standard SSL certificate | Correct Details Shown | No Details Shown or Incorrect Details Shown |
Tests
I4:FeatureTest-Selector Notification of First Time Use of an RP
Feature-Display Relying Party Certificate Details on Demand
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Relying Party Certificate Details on Demand|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Relying Party Certificate Details on Demand - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Show standard certificate detail information during any transaction with that RP, at user’s request | Access an RP Site known to the Selector and known to use a standard SSL certificate | Correct Details Shown | No Details Shown or Incorrect Details Shown |
Tests
I4:FeatureTest-Selector Display of RP Certificate Details on Demand
Feature-Display Issuer Certificate Details on Card Import
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Issuer Certificate Details on Card Import|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Issuer Certificate Details on Card Import - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Show issuer SSL certificate details when creating an information card | Import a card and reveiw relevant details from the issuer's SSL certificate | Relevant certificate details shown | No details shown or incorrect details shown |
Tests
I4:FeatureTest-Selector Display of Issuer Certificate Details on Card Import
Feature-Display Fault Reason text from SOAP Faults
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Fault Reason text from SOAP Faults|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Fault Reason text from SOAP Faults - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Support for SOAP Faults as per ISIP § 6 and http://blogs.msdn.com/card/archive/2007/10/04/how-identity-providers-can-show-custom-error-messages-in-cardspace.aspx | Simulate Each Fault | Fault is recognized and acted upon | Fault ignored or exception caused |
Tests
Implementation priority: high
Feature-Support for Identity Provider using Transport Binding to secure SOAP message
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Identity Provider using Transport Binding to secure SOAP message|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Identity Provider using Transport Binding to secure SOAP message - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for IdP use of transport security to secure the transaction on the channel as per ISIP Guide § 5.1.1.1 and WS-SecurityPolicy 1.2 § 8.3 | Use a managed card whose provider is known to use a transport binding. | Successful transaction | Error or exception |
Tests
I4:FeatureTest-Selector with UNPW-backed Managed Cards
Feature-Support for Identity Provider using Message Security to secure SOAP message
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Identity Provider using Message Security to secure SOAP message|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Identity Provider using Message Security to secure SOAP message - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Support for IdP use of message security to secure the transaction on the channel as per ISIP Guide § 5.1.1.2 and WS-SecurityPolicy 1.2 § 8.4 | Use a managed card whose provider is known to use a message-level security binding. | Successful transaction | Error or exception |
Tests
I4:FeatureTest-Selector Support for Identity Provider using Message Security
Feature-Support for Identity Provider using Symmetric Binding to secure SOAP message
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Identity Provider using Symmetric Binding to secure SOAP message|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Identity Provider using Symmetric Binding to secure SOAP message - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Support for IdP use of message security, specifically a symmetric binding to secure the transaction on the channel as per ISIP Guide § 5.1.1.2 and WS-SecurityPolicy 1.2 § 8.4 | Use a managed card whose provider is known to use a symmetric binding. | Successful transaction | Error or exception |
Tests
Implementation priority: medium
Feature-Support for Identity Provider using Asymmetric Binding to secure SOAP message
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Identity Provider using Asymmetric Binding to secure SOAP message|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Identity Provider using Asymmetric Binding to secure SOAP message - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Support for IdP use of message security, specifically an asymmetric binding to secure the transaction on the channel as per WS-SecurityPolicy 1.2 § 8.5. (Do not test in this Interop if not implemented by any Selector.) | Use a managed card whose provider is known to use an asymmetric binding. | Successful transaction | Error or exception |
Tests
Implementation priority: medium
Feature-Accept Policy Data from Relying Parties using Relying Party STS
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Policy Data from Relying Parties using Relying Party STS|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Accept Policy Data from Relying Parties using Relying Party STS - Maturity: Established {{#if: I2 | (I2 ) }} | |||
|---|---|---|---|
| Support for use of an RP/STS to communicate RP policy data as per ISIP Guide § 3 | Access an RP Site using an RP/STS & verify policy received. | Complete policy received | Incorrect or incomplete policy received or Selector not triggered |
Tests
I4:FeatureTest-Selector Support for Relying Party STSs
Feature-Accept Policy Data from Rich Client Application using a separate Relying Party
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Policy Data from Rich Client Application using a separate Relying Party|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Accept Policy Data from Rich Client Application using a separate Relying Party - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Ability for Selector to be triggered from a rich client application (with no browser used) and to receive RP policy data from a separate Relying Party | Demonstrate using the Identity Selector from a smart client application (with no browser involved) where the user selects a card and causes a token to be sent to a relying party | Selector invoked and token from selected card sent to relying party | Selector not invoked, token not sent to RP, or other failures |
Tests
I4:FeatureTest-Selector Support for Rich Clients
Feature-Accept Policy Data from Rich Client Application that is also the Relying Party
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Policy Data from Rich Client Application that is also the Relying Party|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Accept Policy Data from Rich Client Application that is also the Relying Party - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Ability for Selector to be triggered from a rich client application (with no browser used), and to receive RP policy data from that rich application | Demonstrate using the Identity Selector from a smart client application (with no browser involved) where the user selects a card and causes a token to be sent to the application from an identity provider | Selector invoked and token from selected card delivered to application | Incorrect or incomplete policy, or Selector not triggered |
Tests
Implementation priority: low
Feature-Identity Selector support for SOAP 1.1
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector support for SOAP 1.1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector support for SOAP 1.1 - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for IdP & RP Components which use SOAP 1.1 | Access components that are known to exclusively use SOAP 1.1 | Transaction Succeeds | Error or Exception |
Tests
Implementation priority: low (most Identity Providers already do this)
Feature-Identity Selector support for WS-Trust 1.2, WS-SecurityPolicy 1.1
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector support for WS-Trust 1.2, WS-SecurityPolicy 1.1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector support for WS-Trust 1.2, WS-SecurityPolicy 1.1 - Maturity: Established {{#if: I1 | (I1 ) }} | |||
|---|---|---|---|
| Support for IdP and RP Components which use WS-Trust 1.2 and WS-SecurityPolicy 1.1 as per ISIP and ISIP Guide | Access components that are known to exclusively use ISIP versions of WS-Trust & WS-SecurityPolicy | Transaction Succeeds | Error or Exception |
Tests
Implementation priority: low (most Identity Providers already do this)
Feature-Support for Editing Self-Issued Information Cards
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Editing Self-Issued Information Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Editing Self-Issued Information Cards - Maturity: Established {{#if: I2 | (I2 ) }} | |||
|---|---|---|---|
| Allow user to edit a self-issued information card already held in the Selector to contain new information from the user | Attempt to edit self-issued card information | Unable to update or self-issued cards | Able to update and save self-issued cards |
Tests
I4:FeatureTest-Selector Support for Editing Self-Issued Information Cards
Feature-Notify user of need for Managed Information Card refresh
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Notify user of need for Managed Information Card refresh|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Notify user of need for Managed Information Card refresh - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| If, on attempted use of a managed information card, the Identity Provider returns an InformationCardRefreshRequired SOAP Fault, Selector must notify the user as per ISIP § 4.1.1.1, 4.3.1, 6.2 | Attempt to use a card which needs a refresh | User notified of more recent card version | No notification of new version |
Tests
Implementation priority: high
Feature-Relying Party specific identifiers constructed for Self-Issued Cards at Relying Parties using HTTP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party specific identifiers constructed for Self-Issued Cards at Relying Parties using HTTP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards at Relying Parties using HTTP - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier compatible for no-SSL sites for self-issued cards as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Use an information card at a site not using an SSL Certificate and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I4:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Support for Relying Parties using HTTP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Relying Parties using HTTP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Relying Parties using HTTP - Maturity: Established {{#if: I2 | (I2 ) }} | |||
|---|---|---|---|
| Support for use of a no-SSL RP as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Access an http-only RP Site and use an Information Card | Requested claims provided | Selector not triggered |
Tests
I4:FeatureTest-Selector Use at Relying Party using HTTP
Feature-Identity Selector support for SOAP 1.2
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector support for SOAP 1.2|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector support for SOAP 1.2 - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Support for IdP & RP Components which use SOAP 1.2 | Access components that are known to exclusively use SOAP 1.2 | Transaction Succeeds | Error or Exception |
Tests
Implementation priority: low
Feature-Identity Selector support for WS-Trust 1.3, WS-SecurityPolicy 1.2
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector support for WS-Trust 1.3, WS-SecurityPolicy 1.2|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector support for WS-Trust 1.3, WS-SecurityPolicy 1.2 - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Support for IdP and RP Components which use WS-Trust 1.3 and WS-SecurityPolicy 1.2 (the OASIS standard versions) as per http://blogs.msdn.com/card/archive/2007/11/22/cardspace-support-for-oasis-ws-sx-standards.aspx | Access components that are known to exclusively use OASIS versions of WS-Trust & WS-SecurityPolicy | Transaction Succeeds | Error or Exception |
Tests
I4:FeatureTest-Selector Support for WS-Trust 1.3 and WS-SecurityPolicy 1.2
Feature-Enforcement of IdP choice to limit use of Card to only sites with SSL
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Enforcement of IdP choice to limit use of Card to only sites with SSL|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Enforcement of IdP choice to limit use of Card to only sites with SSL - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Restriction of site access when a card is used that limits card access to non-SSL Sites as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Import HTTPS only card and try to use it at https and http sites | Card usable at an https site but can not be selected to use at an http site | Card can not be imported or not usable at https site or can be used at an http site |
Tests
I4:FeatureTest-Selector Support for RequireStrongRecipientIdentity
Feature-Identity Selector informs user when an RP site Privacy Policy has Changed
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector informs user when an RP site Privacy Policy has Changed|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector informs user when an RP site Privacy Policy has Changed - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector must be able to detect when a new version of the RP privacy policy is available, and notify the user | Trigger a Selector transaction where the privacy policy has changed | User is notified | User is not notified |
Tests
I4:FeatureTest-Selector Notification of RP Privacy Policy Change
Feature-ClientPseudonym for Auditing Managed Card remains the same after overwriting card in Selector
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:ClientPseudonym for Auditing Managed Card remains the same after overwriting card in Selector|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector ClientPseudonym for Auditing Managed Card remains the same after overwriting card in Selector - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record ClientPseudonym. Import second version of the card, and verify that the ClientPseudonym doesn’t change. | The card generates the same ClientPseudonym after being overwritten | ClientPseudonym changes after the card is overwritten |
Tests
I4:FeatureTest-Selector Preserves MasterKey when Overwriting Card
Feature-ClientPseudonym for Auditing Managed Card remains the same after updating card to newer version in Selector
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:ClientPseudonym for Auditing Managed Card remains the same after updating card to newer version in Selector|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector ClientPseudonym for Auditing Managed Card remains the same after updating card to newer version in Selector - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record ClientPseudonym. Import second version of the card, and verify that the ClientPseudonym doesn’t change. | Different versions of the same card generate the same ClientPseudonym | ClientPseudonym changes between versions of the card |
Tests
I4:FeatureTest-Selector Preserves MasterKey when Updating Auditing Card
Feature-ClientPseudonym for Non-Auditing Managed Card remains the same after updating card to newer version in Selector
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:ClientPseudonym for Non-Auditing Managed Card remains the same after updating card to newer version in Selector|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector ClientPseudonym for Non-Auditing Managed Card remains the same after updating card to newer version in Selector - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record ClientPseudonym. Import second version of the card, and verify that the ClientPseudonym doesn’t change. | Different versions of the same card generate the same ClientPseudonym | ClientPseudonym changes between versions of the card |
Tests
I4:FeatureTest-Selector Preserves MasterKey when Updating Non-Auditing Card
Feature-Verify AppliesTo information is present in Relying Party policy when Auditing Card used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify AppliesTo information is present in Relying Party policy when Auditing Card used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify AppliesTo information is present in Relying Party policy when Auditing Card used - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Check that the RP has returned token scope information with AppliesTo when the card used at the RP is auditing mandatory (Behavior per Token Scope table in ISIP § 4.3.3) | Use an Auditing mandatory card in an RP transaction where the RP does not supply AppliesTo | Actionable Message | Other behavior |
Tests
Implementation priority: medium
Feature-Verify AppliesTo information is not present in Relying Party policy when Non-Auditing Card used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify AppliesTo information is not present in Relying Party policy when Non-Auditing Card used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify AppliesTo information is not present in Relying Party policy when Non-Auditing Card used - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Check that the RP has not returned token scope information with AppliesTo when the card used at the RP is non-auditing (behavior per Token Scope table in ISIP § 4.3.3) | Use a non-auditing card with an RP where the RP supplies AppliesTo | Fail with actionable error message. | Other behavior |
Tests
Implementation priority: medium
Feature-Verify format of .crd file prior to import
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify format of .crd file prior to import|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify format of .crd file prior to import - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Check that the .crd file is a valid XML document before importing it | Attempt to import a faulty .crd file | Failure with actionable message | Exception, no error notification |
Tests
Implementation priority: low
Feature-Validate certificate signing .crd file prior to import
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Validate certificate signing .crd file prior to import|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Validate certificate signing .crd file prior to import - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Validate that the certificate signing the .crd file is the certificate of the owner of the STS | Attempt to import a .crd file signed by a certificate different than that of the issuing STS | Failure with actionable message | Exception, no error notification |
Tests
Implementation priority: medium
Feature-Verify format of .crds file prior to import
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify format of .crds file prior to import|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify format of .crds file prior to import - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Check that the .crds file is a valid XML document before importing it | Attempt to import a faulty .crds file | Failure with actionable message | Exception, no error notification |
Tests
Implementation priority: low
Feature-Verify passcode of .crds file prior to import
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify passcode of .crds file prior to import|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify passcode of .crds file prior to import - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| All .crds files should require the passcode to be correctly provided by the user | Attempt to import a .crds file when the passcode given is invalid | Failure with actionable message | Exception, no error notification |
Tests
Implementation priority: low
Feature-Verify X.509 certificate associated with Identity Provider at time of Card use
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify X.509 certificate associated with Identity Provider at time of Card use|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify X.509 certificate associated with Identity Provider at time of Card use - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| The X.509 Certificate of an Identity Provider should be validated in the following ways: the certificate chain should be validated, the certificate should be checked for revocation as per RFC 3280, and the host associated with the certificate should match the host presenting the certificate | Attempt to use a Selector at an Identity Provider with an invalid X.509 certificate | Failure with actionable message | Exception, continue |
Tests
Implementation priority: medium
Feature-Verify Relying Party X.509 certificate at time of Card use
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify Relying Party X.509 certificate at time of Card use|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify Relying Party X.509 certificate at time of Card use - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| The X.509 Certificate of an Identity Provider should be validated in the following ways: the certificate chain should be validated, the certificate should be checked for revocation as per RFC 3280, and the host associated with the certificate should match the host presenting the certificate | Attempt to use a Selector at an Relying Party with an invalid X.509 certificate | Failure with actionable message | Exception, continue |
Tests
Implementation priority: medium
Feature-Verify X.509 certificate associated with imported Card prior to importing
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify X.509 certificate associated with imported Card prior to importing|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify X.509 certificate associated with imported Card prior to importing - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| The X.509 Certificate of an Identity Provider should be validated in the following ways: the certificate chain should be validated, the certificate should be checked for revocation as per RFC 3280, and the host associated with the certificate should match the host presenting the certificate | Attempt to import a managed card with an invalid associated X.509 certificate | Failure with actionable message | Card import succeeds |
Tests
I4:FeatureTest-Selector Rejection of Nonvalidating Managed Card Certificate
Feature-Behavior when an Identity Provider STS never responds to a request
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Behavior when an Identity Provider STS never responds to a request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Behavior when an Identity Provider STS never responds to a request - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Attempts to communicate with an STS should be limited to a pre-defined time period, after which control is returned to the user. | Attempt to use a card whose STS does not respond | Reasonable timeout with error message | Hang |
Tests
Implementation priority: medium
Feature-Behavior when a Relying Party STS never responds to a request
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Behavior when a Relying Party STS never responds to a request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Behavior when a Relying Party STS never responds to a request - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Attempts to communicate with an RP/STS should be limited to a pre-defined time period, after which control is returned to the user. | Attempt to use a card at an RP/STS that does not respond | Reasonable timeout with error message | Hang |
Tests
Implementation priority: medium
Feature-Provide ability to disable Selector invocation to prevent denial of service by malicious relying parties
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provide ability to disable Selector invocation to prevent denial of service by malicious relying parties|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Provide ability to disable Selector invocation to prevent denial of service by malicious relying parties - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Users should be able to disable Selector invocation manually – to prevent against malicious code spawning Selector transaction after Selector transaction | Attempt to use Selector at an RP that tries to DOS the workstation by triggering repeating Selector transactions | User can disable Selector invocation | User cannot disable Selector invocation |
Tests
I4:FeatureTest-Identity Selector DOS Avoidance
Feature-Behavior when the relying party request contains no claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Behavior when the relying party request contains no claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Behavior when the relying party request contains no claims - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| If there are no required or optional claims requested by the RP, the Selector should match cards based on token type only | Attempt to use Selector at an RP that requests no claims | Match only on token type | Match all cards or no cards |
Tests
Implementation priority: low
Feature-Behavior when the Relying Party request contains only optional claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Behavior when the Relying Party request contains only optional claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Behavior when the Relying Party request contains only optional claims - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| If there are no required claims but some optional claims requested by the RP, the Selector should match cards based on token type only | Use Selector at an RP that requests only Optional claims | Match only on token type | Match all cards or no cards |
Tests
Implementation priority: low
Feature-Support for Information Card Refreshes
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support for Information Card Refreshes|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Support for Information Card Refreshes - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| The user must be notified in the case where they attempt to use a card from an Information Provider that responds that a refresh of that card is necessary | Attempt to use a card which requires a card refresh | Actionable Message | Transaction continues or else stops without an actionable message |
Tests
I4:FeatureTest-Selector Recognition of CardRefresh SOAP Fault
Feature-Verify presence of backing Self-Issued Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verify presence of backing Self-Issued Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Verify presence of backing Self-Issued Card - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Check that the backing self-issued card is present prior to allowing the managed card to be used | Attempt to use a managed card whose backing self-issued card is missing | Actionable Message | Failure or transaction continues |
Tests
Implementation priority: low
Feature-Accept .crd File Containing Not-Understood Elements
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept .crd File Containing Not-Understood Elements|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Accept .crd File Containing Not-Understood Elements - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Allow .crd files to contain not-understood XML elements, successfully processing those that are understood | Import a well-formed .crd file containing a valid Information Card and one or more not-understood XML elements | Card successfully created | Not-understood elements cause the card creation to fail |
Tests
I4:FeatureTest-Selector Accepts .crd File Containing Not-Understood Elements
Feature-Accept .crds File Containing Not-Understood Elements
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept .crds File Containing Not-Understood Elements|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Accept .crds File Containing Not-Understood Elements - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Allow .crds files to contain not-understood XML elements, successfully processing those that are understood | Import a well-formed .crds file containing valid Information Cards and one or more not-understood XML elements | Cards successfully imported | Not-understood elements cause the import to fail |
Tests
Implementation priority: medium
Feature-Preserve Not-Understood Elements from .crd File
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Preserve Not-Understood Elements from .crd File|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Preserve Not-Understood Elements from .crd File - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Preserve not-understood XML elements from .crd files, including them when the cards containing them are exported | Import a well-formed .crd file containing a valid Information Card and one or more not-understood XML elements and then export that card to a .crds file | The card in the exported .crds file contains the not-understood XML elements | The not-understood XML elements are not preserved in the exported .crds file |
Tests
I4:FeatureTest-Selector Preserves Not-Understood Elements from .crd File
Feature-Preserve Not-Understood Elements from .crds File
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Preserve Not-Understood Elements from .crds File|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Preserve Not-Understood Elements from .crds File - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Preserve not-understood XML elements from .crds files, including them when the cards containing them are exported | Import a well-formed .crds file containing valid Information Cards and one or more not-understood XML elements and then export the cards containing not-understood elements to a .crds file | The cards in the exported .crds file contain the not-understood XML elements | The not-understood XML elements are not preserved in the exported .crds file |
Tests
Implementation priority: medium
Feature-Self-Issued Identity Provider Recognizes Equivalence of the Multiple URIs for SAML 1.0 and 1.1 Tokens
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Self-Issued Identity Provider Recognizes Equivalence of the Multiple URIs for SAML 1.0 and 1.1 Tokens|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Self-Issued Identity Provider Recognizes Equivalence of the Multiple URIs for SAML 1.0 and 1.1 Tokens - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector's Self-Issued Identity Provider supports both the token types urn:oasis:names:tc:SAML:1.0:assertion and http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1 for self-issued cards | Use self-issued card twice – once with an RP requesting the first token-type, once with an RP requesting the 2nd token type | Two successful transactions, each returning the requested token type | One or both of the two equivalent URIs not supported |
Tests
I4:Selector Supports both Equivalent URIs for Self-Issued Cards using SAML 1.0 and 1.1 Tokens
Feature-Warn User on attempt to Delete Self-Issued Card backing a Managed Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Warn User on attempt to Delete Self-Issued Card backing a Managed Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Warn User on attempt to Delete Self-Issued Card backing a Managed Card - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector informs the user that the self-issued card they are trying to delete is backing a managed card and that deletion of the card would cause the managed card to stop functioning | Atttempt to delete a self-issued card backing a managed card | User warned that this action would make the managed card stop functioning and given the option to not proceed | User not informed of the consequences of proceeding with deletion of the self-issued card |
Tests
I4:FeatureTest-Selector Warns User on attempt to Delete Self-Issued Card backing a Managed Card
Feature-Binary install package for Identity Selector available
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Binary install package for Identity Selector available|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Binary install package for Identity Selector available - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Simple installation for users | Install Selector | Easy | Hard |
Tests
Implementation priority: low
Feature-Ability to PIN Protect a Self-Issued Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Ability to PIN protect a Self-Issued Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Ability to PIN protect a Self-Issued Card - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Users must be able to add and remove a PIN to a card as per ISIP § 7.1.1 | Add a PIN to a self-issued card, use the card with the PIN, and then remove it and use it again. Also verify that the algorithm matches that used by other selectors. | Able to add and remove PIN protection using the standard algorithm | Not able to work with PIN-protected self-issued cards |
Tests
I4:FeatureTest-Selector PIN-Protection of Self-Issued Card
Feature-Ability to PIN Protect a Managed Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Ability to PIN protect a Managed Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Ability to PIN protect a Managed Card - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| Users must be able to add and remove a PIN to a card as per ISIP § 7.1.1 | Add a PIN to a managed card, use the card with the PIN, and then remove it and use it again. Also verify that the algorithm matches that used by other selectors. | Able to add and remove PIN protection using the standard algorithm | Not able to work with PIN-protected managed cards |
Tests
I4:FeatureTest-Selector PIN-Protection of Managed Card
Feature-Browser Independence
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Browser Independence|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Browser Independence - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector can be invoked from different browsers (possibly with the addition of a Browser Add-On) | Attempt to use from more than one browser | Possible | Not possible |
Tests
I4:FeatureTest-Selector Browser Independence
Feature-Manual invocation of Selector by user for Card management functions
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Manual invocation of Selector by user for Card management functions|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Manual invocation of Selector by user for Card management functions - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| Selector can be started without having accessed a Relying Party for the purposes of managing a user's information card storage, enabling actions such as acquiring new cards, deleting undesired ones, and auditing their usage. | Manually invoke Identity Selector and manage information cards and card details. | Card management can be launched and performed without contacting a relying party. | Relying party must be contacted to interact with IA. |
Tests
Implementation priority: low
Feature-Internationalization
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Internationalization|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Internationalization - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| User interface elements should be presented in current locale for operating system | Attempt to use Selector with a locale other than English set on the operating system | Natural language and formatting conventions used the same as the OS | Fixed-language interface |
Tests
Implementation priority: medium
Feature-Identity Selector Informs User when a Site is being Used for the First Time
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector Informs User when a Site is being Used for the First Time|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Identity Selector Informs User when a Site is being Used for the First Time - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| IA must be able to detect whether this is first or subsequent visit to an RP and inform the user in an actionable manner. This is a key part of the phishing defense enabled by Identity Selectors. | Visit an RP site which has never been seen before | Signal to user on first visit must be distinguishable from what the user sees on subsequent visits. The object of the game here is to make the signal so blatant that the user will terminate the login process if the signal says first visit but she already has an account at the RP. | What user sees is very similar between the first/subsequent visit cases. For instance, they are only shown which cards match the claims policy of the RP. |
Tests
I4:FeatureTest-Selector Notification of First Time Use of an RP
Feature-Relying Party site information shown during card selection
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Relying Party site information shown during card selection|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Relying Party site information shown during card selection - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| In the user interface used to select and send a card, information about the Relying Party site is shown to the user. | Select a card and attempt to view RP certificate details | RP information (text, logo, or both) must be shown. | RP information not shown. |
Tests
Implementation priority: medium
Feature-Ability to select which optional claims to send
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Ability to select which optional claims to send|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Ability to select which optional claims to send - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| In the interface used to send a card, allow the user to see what optional claims are sent for the card and to choose whether or not to send any or all optional claims | Invoke the Selector against an RP advertising optional claims with a card that populates those claims – attempt to choose not to send optional claims | Ability to not send optional claims, either as a group or individually | No choice of whether to send optional claims. |
Tests
Implementation priority: low
Feature-Differentiate Extended Validation Certificates from Regular SSL Certificates for RPs
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Differentiate Extended Validation Certificates from Regular SSL Certificates for RPs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Differentiate Extended Validation Certificates from Regular SSL Certificates for RPs - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| When viewing certificate information for an RP, ensure that users can tell the difference between sites protected by EV SSL and sites protected by Regular SSL Certificates | Compare the certificate details page for a card from an RP protected by an EV SSL Certificate to the certificate details page for a card from an RP protected by a regular SSL Certificate | Can tell which sites use EV-SSL and which sites use Regular SSL | No difference |
Tests
Feature-Differentiate Extended Validation Certificates from Regular SSL Certificates for IdPs
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Differentiate Extended Validation Certificates from Regular SSL Certificates for IdPs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Differentiate Extended Validation Certificates from Regular SSL Certificates for IdPs - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| When viewing certificate information for an IdP, ensure that users can tell the difference between sites protected by EV SSL and sites protected by Regular SSL Certificates | Compare the certificate details page for a card from an IdP protected by an EV SSL Certificate to the certificate details page for a card from an IdP protected by a regular SSL Certificate | Can tell which sites use EV-SSL and which sites use Regular SSL | No difference |
Tests
Feature-Display Identity Provider Extended Validation certificate image during Card import if image is present
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Identity Provider Extended Validation certificate image during Card import if image is present|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Identity Provider Extended Validation certificate image during Card import if image is present - Maturity: Emerging {{#if: | ( ) }} | |||
|---|---|---|---|
| During import of a managed card protected by an Extended Validation Certificate with an image associated, display the image to the user. | Access an RP Site known to use an EV certificate with an image | Image shown | Image not shown or error |
Tests
Implementation priority: medium
Feature-Display Issuer Information contained in Card
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display Issuer Information contained in Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Display Issuer Information contained in Card - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Support display of the issuer information contained in the card as per http://blogs.msdn.com/card/archive/2007/10/24/providing-custom-data-in-an-information-card.aspx | Import a card containing issuer information and view the card details | Issuer information displayed | Issuer information not displayed |
Tests
I4:FeatureTest-Selector Display of Issuer Information in Card
Feature-Notify user on Card import if Card is already installed in Identity Selector
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Notify user on Card import if Card is already installed in Identity Selector|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Notify user on Card import if Card is already installed in Identity Selector - Maturity: Established {{#if: I3 | (I3 ) }} | |||
|---|---|---|---|
| During import of an information card, check that the card is not already present. If the card is present, notify the user and give them a choice of whether to reinstall the card. | Attempt to install an already present managed card | User notified and given choice of whether to import | User not notified or error |
Tests
I4:FeatureTest-Selector Preserves MasterKey when Overwriting Card
Feature-Change Card Name
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Change Card Name|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Change Card Name - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector should enable users to change the name of an Information Card | Change the names of both a self-issued and a managed Information Card | Both names could be edited and changed | Or or both card names could not be changed |
Tests
I4:FeatureTest-Selector Support for Changing Card Name
Feature-Change Self-Issued Card Picture
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Information Card Identity Selector Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Change Self-Issued Card Picture|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]] edit |
| Information Card Identity Selector Change Self-Issued Card Picture - Maturity: Emerging {{#if: I4 | (I4 ) }} | |||
|---|---|---|---|
| Selector should enable users to change the picture associated with a self-issued Information Card | Change the picture for a self-issued Information Card | Picture could be changed | Picture could not be changed |
