I5:OpenID Identity Provider Features

From OSIS Open Source Identity Systems
Revision as of 11:32, 23 March 2009 by Ve7jtb (Talk | contribs)

Jump to: navigation, search

{{#vardefine:DtArticleSortKey|}}


Feature-OpenID Provider support for OpenID 1.1

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for OpenID 1.1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for OpenID 1.1 - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for OpenID 1.1 Use OpenID at relying party site using OpenID 1.1 protocol Works (provided OpenID is a legal OpenID 1.1 ID) Doesn't work

Tests

I5:FeatureTest-OpenID Provider support for OpenID 1.1


Feature-OpenID Provider support for OpenID 2.0

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for OpenID 2.0|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for OpenID 2.0 - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for OpenID 2.0 Use OpenID at relying party site using OpenID 2.0 protocol Works Doesn't work

Tests

I5:FeatureTest-OpenID Provider support for OpenID 2.0


Feature-OpenID Provider support for Simple Registration

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Simple Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Simple Registration - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for Simple Registration Use OpenID at site employing Simple Registration protocol Simple registration data provided or message displayed by OP saying not supported Data not provided, failure, or exception

Tests

I5:FeatureTest-OpenID Provider support for Simple Registration


Feature-OpenID Provider support for Attribute Exchange

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Attribute Exchange|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Attribute Exchange - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for Attribute Exchange Use OpenID at site employing Attribute Exchange protocol Attribute exchange data provided or message displayed by OP saying not supported Data not provided, failure, or exception

Tests


Feature-OpenID Provider AX support for the 9 Sreg Calims in AXSchema.org

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider AX support for the 9 Sreg Calims in AXSchema.org|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider AX support for the 9 Sreg Calims in AXSchema.org - Maturity: Emerging {{#if: I5 | (I5 ) }}
OpenID Provider AX support for the 9 Sreg Calims in AXSchema.org Use OpenID at site employing Attribute Exchange protocol Attribute exchange data provided for the 9 srec compatible claims Data not provided, failure, or exception

Tests


Feature-OpenID Provider support for PAPE

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for PAPE|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for PAPE - Maturity: Established {{#if: I2 | (I2 ) }}
OpenID Provider support for PAPE Use OpenID at site employing PAPE protocol Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Provides Phishing-Resistant Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Phishing-Resistant Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Provides Phishing-Resistant Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Phishing-Resistant Authentication Use OpenID at site employing PAPE to request phishing-resistant authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests

I5:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication


Feature-Provides Multi-Factor Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Multi-Factor Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Provides Multi-Factor Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Multi-Factor Authentication Use OpenID at site employing PAPE to request multi-factor authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Provides Multi-Factor-Physical Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Provides Multi-Factor-Physical Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Provides Multi-Factor-Physical Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Provides Multi-Factor-Physical Authentication Use OpenID at site employing PAPE to request multi-factor-physical authentication Correct PAPE response provided or message displayed by OP saying not supported No PAPE response provided, failure, or exception

Tests


Feature-Issues OpenID InfoCards

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues OpenID InfoCards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Issues OpenID InfoCards - Maturity: Established {{#if: I2 | (I2 ) }}
As per https://openidcards.sxip.com/spec/openid-infocards.html Use OpenID at site employing OpenID InfoCard protocol OpenID sent as an InfoCard claim Failure or exception

Tests


Feature-Issues URL-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues URL-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Issues URL-based OpenIDs - Maturity: Established {{#if: I2 | (I2 ) }}
Issues URL-based OpenIDs Use URL-based OpenID (starting with http or https) at a relying party Accepted Failure or exception

Tests


Feature-Issues i-name-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Issues i-name-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Issues i-name-based OpenIDs - Maturity: Established {{#if: I2 | (I2 ) }}
Issues i-name-based OpenIDs Use i-name-based OpenID (starting with an = or @) at an OpenID 2.0 relying party Accepted and i-name correctly displayed by OP Not accepted and/or i-number displayed by OP

Tests


Feature-Directs user to use appropriate authentication methods to fulfill PAPE request

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Directs user to use appropriate authentication methods to fulfill PAPE request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Directs user to use appropriate authentication methods to fulfill PAPE request - Maturity: Established {{#if: I2 | (I2 ) }}
Directs user to use appropriate authentication methods to fulfill PAPE request Use OpenID at site requesting phishing-resistant authentication. Verify that the OP directs the user to a phishing-resistant authentication method, if available. Only authentication methods fulfilling request shown for accounts supporting such methods Username/password authentication still available with PAPE requests for accounts with appropriate methods available

Tests


Feature-Directs user to re-authenticate if current authentication can not fulfill PAPE request

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Directs user to re-authenticate if current authentication can not fulfill PAPE request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider Directs user to re-authenticate if current authentication can not fulfill PAPE request - Maturity: Established {{#if: I2 | (I2 ) }}
Directs user to re-authenticate if current authentication can not fulfill PAPE request Use OpenID at site requesting phishing-resistant authentication when already signed in with a username and password. Verify that the OP directs the user to re-authenticate with a phishing-resistant authentication method, if available. User requested to re-authenticate with method fulfilling PAPE request No opportunity to re-authenticate presented to user

Tests


Feature-OpenID Provider login via Information Card

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider login via Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider login via Information Card - Maturity: Established {{#if: I2 | (I2 ) }}
OP supports logging in to your OpenID with an Information Card Sign into the OP with an Information Card Either one or more Information Cards may be associated with your OpenID, which log you in A password still needs to be entered into a web form when an Information Card is used

Tests

I5:FeatureTest-OpenID Provider login via Information Card


Feature-OpenID Provider account creation via Information Card

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider account creation via Information Card|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider account creation via Information Card - Maturity: Established {{#if: I2 | (I2 ) }}
OP supports creating a new OpenID using an Information Card Create a new OpenID at the OP supplying an Information Card to be associated with that OpenID at account creation time. Preferably also accept claims from the card and populate the OpenID profile with them. The Information Card supplied is associated with the account for login purposes. Preferably also use claim values supplied. A username and password must still be used to create an OpenID

Tests


Feature-OpenID Provider support for issuing Managed Information Cards

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for issuing Managed Information Cards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for issuing Managed Information Cards - Maturity: Established {{#if: I2 | (I2 ) }}
OP issues managed Information Cards containing claims from profile, enabling the OpenID to also be used at Information Card relying parties. Import a managed card from the OpenID Provider for an OpenID and use it at an Information Card Relying Party Card contains claims populated from OpenID profile Information Card claims not derived from same data as OpenID profile data

Tests


Feature-Provides support for Identifier Select

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Identifier Select|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Identifier Select - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider support for Identifier Select Use OpenID with Identifier Select at a OpenID 2.0 RP OpenID Provider provides a dialog to allow the user to select there identifier No selection dialog, error or exception

Tests

I5:FeatureTest-Provides support for Identifier Select


Feature-Provides support for Delegated OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider support for Delegated OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider support for Delegated OpenIDs - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider support for OpenID 2.0 Delegated identifiers Use OpenID that is delegated to the OP OP allows the user to log in with the delegated identifier, The OP validates the openid.identity, and passes back the claimed_id unchanged. error or exception, The OP modifies the claimed_id.

Tests

I5:FeatureTest-OpenID Provider support for Delegated OpenIDs


Feature-OpenID Provider redirects http URLs to https URLs for discovery

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider redirects http URLs to https URLs for discovery|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider redirects http URLs to https URLs for discovery - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider redirects http URLs to https URLs for discovery (openID 2.0 sec 15.4) Enter a OpenID for an OP in the browser bar. OP redirects the http: scheme URL to the https: scheme URL. OP does not preform a redirect or the redirect is unavailable.

Tests

I5:FeatureTest-OpenID Provider redirects http URLs to https URLs for discovery


Feature-Provides support for openID 2.0 checkid immediate

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider provides support for checkid_immediate|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider provides support for checkid_immediate - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider provides support for checkid_immediate (openID 2.0 sec 9.3) Log into an RP that uses checkid_immediate. OP responds immediately with either an assertion that authentication is successful, or a response indicating that the request cannot be completed without further user interaction.. The OP engages in a user interaction or error.

Tests

I5:FeatureTest-Provides support for openID 2.0 checkid immediate


Feature-Provides support for openID 2.0 HMAC-SHA256

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider provides support for HMAC-SHA256|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider provides support for HMAC-SHA256 - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider provides support for HMAC-SHA256 (openID 2.0 sec 6.2) Log in to a RP that requests a HMAC-SHA256 association. The OP provides HMAC-SHA256 association. The OP provides HMAC-SHA1 association or error.

Tests

I5:FeatureTest-Provides support for openID 2.0 HMAC-SHA256


Feature-Rejects No-Encryption Association Sessions over http:

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider rejects No-Encryption Association Sessions over http|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider rejects No-Encryption Association Sessions over http - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider only allows DH type Association Sessions over unencrypted http: connections (openID 2.0 sec8.4.1) Log in to a RP that requests a no-encryption association session type over a non https: connection. The OP MUST respond with a direct error message indicating that the association request failed. (the response should contain a session_type value indicating the DH association type supported for http: associations. The OP provides an association.

Tests

Feature-Validates the openid.return_to

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider validates the openid.return_to|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider validates the openid.return_to - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider Validates the openid.return_to (openID 2.0 sec 9.2.1) Log in to a RP that has a XRDS SEP pointing to a different return to than used in the RP request . The OP does not send a positive assertion. The OP sends a positive assertion.

Tests


Feature-Sends a properly formated response nonce

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider sends a properly formated response nonce in its assertions|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider sends a properly formated response nonce in its assertions - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider sends a properly formated response nonce in positive assertions (openID 2.0 sec 10.1) Log in to a RP capture the OP's positive assertion. . The OP The nonce MUST start with the current time on the server. The date and time MUST be formatted as specified in section 5.6 of [RFC3339] The OP sends a improperly formated nonce.

Tests


Feature-Provides bookmarks for generating unsolicited positive assertions

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider provides bookmarks for generating unsolicited positive assertions|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID Provider provides bookmarks for generating unsolicited positive assertions - Maturity: Established {{#if: I4 | (I4 ) }}
OpenID Provider Provides bookmarks for generating unsolicited positive assertions (openID 2.0 sec 10.) Log in to a OP use a bookmark to log into a RP. The OP uses a private association for signing a unsolicited positive assertion The OP doesn't support the functionality.

Tests


Feature-OpenID 2.0 Provider provides ID-WSF EPR via Attribute Exchange

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Identity Provider Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Provider - Provides ID-WSF EPR token via Attribute Exchange|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Identity Provider OpenID 2.0 Provider - Provides ID-WSF EPR token via Attribute Exchange - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Provider receives a request for a EPR via AX and returns a EPR to the RP (http://iiw.idcommons.net/index.php/OpenID_Bootstrapping_ID-WSF_2.0) Preform a openID 2.0 login to a RP that is a ID-WSF Web services client. The OP replies with a EPR token to access a ID-WSF service like the "People Service". (Yadis discovery of the EPR is optional) The OP doesn't reply with a EPR token or the token is invalid.

Tests