Difference between revisions of "I4:OpenID Identity Provider Features"

From OSIS Open Source Identity Systems
Jump to: navigation, search
(Feature-Provides Phishing-Resistant Authentication)
(Filled in missing feature_description fields)
Line 7: Line 7:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = OpenID Provider support for OpenID 1.1
 
   |test_description    = Use OpenID at relying party site using OpenID 1.1 protocol
 
   |test_description    = Use OpenID at relying party site using OpenID 1.1 protocol
 
   |acceptable          = Works (provided OpenID is a legal OpenID 1.1 ID)
 
   |acceptable          = Works (provided OpenID is a legal OpenID 1.1 ID)
Line 21: Line 21:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = OpenID Provider support for OpenID 2.0
 
   |test_description    = Use OpenID at relying party site using OpenID 2.0 protocol
 
   |test_description    = Use OpenID at relying party site using OpenID 2.0 protocol
 
   |acceptable          = Works
 
   |acceptable          = Works
Line 35: Line 35:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = OpenID Provider support for Simple Registration
 
   |test_description    = Use OpenID at site employing Simple Registration protocol
 
   |test_description    = Use OpenID at site employing Simple Registration protocol
 
   |acceptable          = Simple registration data provided or message displayed by OP saying not supported
 
   |acceptable          = Simple registration data provided or message displayed by OP saying not supported
Line 49: Line 49:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = OpenID Provider support for Attribute Exchange
 
   |test_description    = Use OpenID at site employing Attribute Exchange protocol
 
   |test_description    = Use OpenID at site employing Attribute Exchange protocol
 
   |acceptable          = Attribute exchange data provided or message displayed by OP saying not supported
 
   |acceptable          = Attribute exchange data provided or message displayed by OP saying not supported
Line 63: Line 63:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = OpenID Provider support for PAPE
 
   |test_description    = Use OpenID at site employing PAPE protocol
 
   |test_description    = Use OpenID at site employing PAPE protocol
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
Line 77: Line 77:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Provides Phishing-Resistant Authentication
 
   |test_description    = Use OpenID at site employing PAPE to request phishing-resistant authentication
 
   |test_description    = Use OpenID at site employing PAPE to request phishing-resistant authentication
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
Line 91: Line 91:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Provides Multi-Factor Authentication
 
   |test_description    = Use OpenID at site employing PAPE to request multi-factor authentication
 
   |test_description    = Use OpenID at site employing PAPE to request multi-factor authentication
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
Line 105: Line 105:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Provides Multi-Factor-Physical Authentication
 
   |test_description    = Use OpenID at site employing PAPE to request multi-factor-physical authentication
 
   |test_description    = Use OpenID at site employing PAPE to request multi-factor-physical authentication
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
 
   |acceptable          = Correct PAPE response provided or message displayed by OP saying not supported
Line 133: Line 133:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Issues URL-based OpenIDs
 
   |test_description    = Use URL-based OpenID (starting with http or https) at a relying party
 
   |test_description    = Use URL-based OpenID (starting with http or https) at a relying party
 
   |acceptable          = Accepted
 
   |acceptable          = Accepted
Line 147: Line 147:
 
   |feature_type        = interop
 
   |feature_type        = interop
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Issues i-name-based OpenIDs
 
   |test_description    = Use i-name-based OpenID (starting with an = or *) at an OpenID 2.0 relying party
 
   |test_description    = Use i-name-based OpenID (starting with an = or *) at an OpenID 2.0 relying party
 
   |acceptable          = Accepted and i-name correctly displayed by OP
 
   |acceptable          = Accepted and i-name correctly displayed by OP
Line 161: Line 161:
 
   |feature_type        = usability
 
   |feature_type        = usability
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Directs user to use appropriate authentication methods to fulfill PAPE request
 
   |test_description    = Use OpenID at site requesting phishing-resistant authentication.  Verify that the OP directs the user to a phishing-resistant authentication method, if available.
 
   |test_description    = Use OpenID at site requesting phishing-resistant authentication.  Verify that the OP directs the user to a phishing-resistant authentication method, if available.
 
   |acceptable          = Only authentication methods fulfilling request shown for accounts supporting such methods
 
   |acceptable          = Only authentication methods fulfilling request shown for accounts supporting such methods
Line 175: Line 175:
 
   |feature_type        = usability
 
   |feature_type        = usability
 
   |solution_role      = OpenID Identity Provider
 
   |solution_role      = OpenID Identity Provider
   |feature_description =  
+
   |feature_description = Directs user to re-authenticate if current authentication can not fulfill PAPE request
 
   |test_description    = Use OpenID at site requesting phishing-resistant authentication when already signed in with a username and password.  Verify that the OP directs the user to re-authenticate with a phishing-resistant authentication method, if available.
 
   |test_description    = Use OpenID at site requesting phishing-resistant authentication when already signed in with a username and password.  Verify that the OP directs the user to re-authenticate with a phishing-resistant authentication method, if available.
 
   |acceptable          = User requested to re-authenticate with method fulfilling PAPE request
 
   |acceptable          = User requested to re-authenticate with method fulfilling PAPE request

Revision as of 01:50, 15 June 2008

{{#vardefine:DtArticleSortKey|}}


Feature-OpenID Provider support for OpenID 1.1

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for OpenID 1.1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for OpenID 1.1 - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for OpenID 1.1 Use OpenID at relying party site using OpenID 1.1 protocol Works (provided OpenID is a legal OpenID 1.1 ID) Doesn't work

Tests


Feature-OpenID Provider support for OpenID 2.0

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for OpenID 2.0|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for OpenID 2.0 - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for OpenID 2.0 Use OpenID at relying party site using OpenID 2.0 protocol Works Doesn't work

Tests


Feature-OpenID Provider support for Simple Registration

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Simple Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Simple Registration - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for Simple Registration Use OpenID at site employing Simple Registration protocol Simple registration data provided or message displayed by OP saying not supported Data not provided, failure, or exception

Tests


Feature-OpenID Provider support for Attribute Exchange

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Attribute Exchange|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Attribute Exchange - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for Attribute Exchange Use OpenID at site employing Attribute Exchange protocol Attribute exchange data provided or message displayed by OP saying not supported Data not provided, failure, or exception

Tests


Feature-OpenID Provider support for PAPE

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for PAPE|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for PAPE - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for PAPE Use OpenID at site employing PAPE protocol Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Provides Phishing-Resistant Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Phishing-Resistant Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Provides Phishing-Resistant Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Phishing-Resistant Authentication Use OpenID at site employing PAPE to request phishing-resistant authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests

I4:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication


Feature-Provides Multi-Factor Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Multi-Factor Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Provides Multi-Factor Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Multi-Factor Authentication Use OpenID at site employing PAPE to request multi-factor authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Provides Multi-Factor-Physical Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Multi-Factor-Physical Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Provides Multi-Factor-Physical Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Multi-Factor-Physical Authentication Use OpenID at site employing PAPE to request multi-factor-physical authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Issues OpenID InfoCards

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues OpenID InfoCards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Issues OpenID InfoCards - Maturity: Established {{#if: I2 | (I2 ) }}
As per https://openidcards.sxip.com/spec/openid-infocards.html Use OpenID at site employing OpenID InfoCard protocol OpenID sent as an InfoCard claim Failure or exception

Tests


Feature-Issues URL-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues URL-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Issues URL-based OpenIDs - Maturity: Established {{#if: I2 | (I2 ) }}
Issues URL-based OpenIDs Use URL-based OpenID (starting with http or https) at a relying party Accepted Failure or exception

Tests


Feature-Issues i-name-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues i-name-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Issues i-name-based OpenIDs - Maturity: Established {{#if: I2 | (I2 ) }}
Issues i-name-based OpenIDs Use i-name-based OpenID (starting with an = or *) at an OpenID 2.0 relying party Accepted and i-name correctly displayed by OP Not accepted and/or i-number displayed by OP

Tests


Feature-Directs user to use appropriate authentication methods to fulfill PAPE request

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Directs user to use appropriate authentication methods to fulfill PAPE request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Directs user to use appropriate authentication methods to fulfill PAPE request - Maturity: Established {{#if: I2 | (I2 ) }}
Directs user to use appropriate authentication methods to fulfill PAPE request Use OpenID at site requesting phishing-resistant authentication. Verify that the OP directs the user to a phishing-resistant authentication method, if available. Only authentication methods fulfilling request shown for accounts supporting such methods Username/password authentication still available with PAPE requests for accounts with appropriate methods available

Tests


Feature-Directs user to re-authenticate if current authentication can not fulfill PAPE request

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Directs user to re-authenticate if current authentication can not fulfill PAPE request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider Directs user to re-authenticate if current authentication can not fulfill PAPE request - Maturity: Established {{#if: I2 | (I2 ) }}
Directs user to re-authenticate if current authentication can not fulfill PAPE request Use OpenID at site requesting phishing-resistant authentication when already signed in with a username and password. Verify that the OP directs the user to re-authenticate with a phishing-resistant authentication method, if available. User requested to re-authenticate with method fulfilling PAPE request No opportunity to re-authenticate presented to user

Tests


Feature-OpenID Provider login via Information Card

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider login via Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider login via Information Card - Maturity: Established {{#if: I2 | (I2 ) }}
OP supports logging in to your OpenID with an Information Card Sign into the OP with an Information Card Either one or more Information Cards may be associated with your OpenID, which log you in A password still needs to be entered into a web form when an Information Card is used

Tests


Feature-OpenID Provider account creation via Information Card

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider account creation via Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider account creation via Information Card - Maturity: Established {{#if: I2 | (I2 ) }}
OP supports creating a new OpenID using an Information Card Create a new OpenID at the OP supplying an Information Card to be associated with that OpenID at account creation time. Preferably also accept claims from the card and populate the OpenID profile with them. The Information Card supplied is associated with the account for login purposes. Preferably also use claim values supplied. A username and password must still be used to create an OpenID

Tests


Feature-OpenID Provider support for issuing Managed Information Cards

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for issuing Managed Information Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I4|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for issuing Managed Information Cards - Maturity: Established {{#if: I2 | (I2 ) }}
OP issues managed Information Cards containing claims from profile, enabling the OpenID to also be used at Information Card relying parties. Import a managed card from the OpenID Provider for an OpenID and use it at an Information Card Relying Party Card contains claims populated from OpenID profile Information Card claims not derived from same data as OpenID profile data

Tests