I5:OpenID Relying Party Features

From OSIS Open Source Identity Systems
Revision as of 18:02, 13 January 2009 by Mike.Jones (Talk | contribs) (Emerging -> Established for I4 features)

Jump to: navigation, search

{{#vardefine:DtArticleSortKey|}}


Feature-OpenID Relying Party support for OpenID 1.1

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for OpenID 1.1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for OpenID 1.1 - Maturity: Established {{#if: I2 | (I2 ) }}
Supports use of an OpenID with the OpenID 1.1 protocol Use an OpenID from an OP only supporting the OpenID 1.1 protocol at the OpenID RP Works Failure or Exception

Tests

I5:FeatureTest-OpenID RP Accepts OpenIDs from OpenID 1.1 OPs


Feature-OpenID Relying Party support for OpenID 2.0

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for OpenID 2.0|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for OpenID 2.0 - Maturity: Established {{#if: I2 | (I2 ) }}
Supports use of an OpenID with the OpenID 2.0 protocol Use an OpenID from an OP supporting the OpenID 2.0 protocol at the OpenID RP Works Failure or Exception

Tests

I5:FeatureTest-OpenID RP Accepts OpenIDs from OpenID 2.0 OPs


Feature-OpenID Relying Party support for Simple Registration

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for Simple Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for Simple Registration - Maturity: Established {{#if: I2 | (I2 ) }}
Supports requesting and receiving Simple Registration attributes Request Simple Registration attributes and display the values returned Works when OP supports Simple Registration and works acceptably when it doesn't Failure or Exception, particularly when OP doesn't support Simple Registration

Tests


Feature-OpenID Relying Party support for Attribute Exchange

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for Attribute Exchange|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for Attribute Exchange - Maturity: Established {{#if: I2 | (I2 ) }}
Supports requesting and receiving Attribute Exchange attributes Request Attribute Exchange attributes and display the values returned Works when OP supports Attribute Exchange and works acceptably when it doesn't Failure or Exception, particularly when OP doesn't support Attribute Exchange

Tests


Feature-OpenID Relying Party support for PAPE

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for PAPE|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for PAPE - Maturity: Established {{#if: I2 | (I2 ) }}
Supports requesting authentication properties via PAPE Verify that requested PAPE request parameters are transmitted and reply parameters are returned to the application Allows application to specify PAPE parameters and returns PAPE results to the application Taking control from the application by deciding which parameters to use for it and/or how to treat response parameters

Tests


Feature-Can request Phishing-Resistant Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can request Phishing-Resistant Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Can request Phishing-Resistant Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Can request Phishing-Resistant Authentication Verify that Phishing-Resistant request parameter is transmitted when requested and that reply parameters are returned to the application Sends request correctly to OP and returns results to the application Request not sent correctly and/or responses not returned to application

Tests


Feature-Can request Multi-Factor Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can request Multi-Factor Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Can request Multi-Factor Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Can request Multi-Factor Authentication Verify that Multi-Factor request parameter is transmitted when requested and that reply parameters are returned to the application Sends request correctly to OP and returns results to the application Request not sent correctly and/or responses not returned to application

Tests


Feature-Can request Multi-Factor-Physical Authentication

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can request Multi-Factor-Physical Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Can request Multi-Factor-Physical Authentication - Maturity: Established {{#if: I2 | (I2 ) }}
Can request Multi-Factor-Physical Authentication Verify that Multi-Factor-Physical request parameter is transmitted when requested and that reply parameters are returned to the application Sends request correctly to OP and returns results to the application Request not sent correctly and/or responses not returned to application

Tests


Feature-Accepts OpenID InfoCards

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accepts OpenID InfoCards|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Accepts OpenID InfoCards - Maturity: Established {{#if: I2 | (I2 ) }}
As per https://openidcards.sxip.com/spec/openid-infocards.html Request an OpenID Information Card from the OpenID RP OpenID InfoCards accepted and work Failure or Exception

Tests


Feature-Accepts HTTPS:-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accepts HTTPS:-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Accepts HTTPS:-based OpenIDs - Maturity: Established {{#if: I4 | (I4 ) }}
Supports use of a SSL URL as an OpenID Use an https: URL from an OP supporting the OpenID 2.0 protocol at the OpenID RP Works Failure or Exception

Tests

I5:FeatureTest-OpenID RP Accepts HTTPS-based OpenIDs


Feature-Accepts i-name-based OpenIDs

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accepts i-name-based OpenIDs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Accepts i-name-based OpenIDs - Maturity: Established {{#if: I2 | (I2 ) }}
Supports use of an i-name as an OpenID Use an i-name from an OP supporting the OpenID 2.0 protocol at the OpenID RP Works Failure or Exception

Tests

I5:FeatureTest-OpenID RP Accepts i-name-based OpenIDs


Feature-OpenID RP Accepts i-name-based OpenIDs with Unicode characters

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID RP Accepts i-name-based OpenIDs with Unicode characters|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID RP Accepts i-name-based OpenIDs with Unicode characters - Maturity: Established {{#if: I2 | (I2 ) }}
Supports use of an i-name with Unicode characters as an OpenID (sec 7.2, XRI syntax sec 2.3.1, sec 2.5.5, XRI resolution sec 11.4) Use an i-name containing Unicode characters from an OP at the OpenID RP Works Failure or Exception

Tests

I5:FeatureTest-OpenID RP Accepts i-name-based OpenIDs with Unicode characters


Feature-Display i-name that was verified rather than resulting i-number

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Display i-name that was verified rather than resulting i-number|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party Display i-name that was verified rather than resulting i-number - Maturity: Established {{#if: I2 | (I2 ) }}
When an i-name OpenID is used, display the i-name that was verified to the user, rather than the i-number associated with the i-name Use an i-name as an OpenID at the OpenID RP Display message such as "verified =Mike.Jones as your identity" Display message such as "verified xri://=!4138.AF19.8976.CD2A as your identity"

Tests

I5:FeatureTest-OpenID RP Display i-name that was verified rather than resulting i-number


Feature-OpenID Relying Party support for account creation via Simple Registration

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for account creation via Simple Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for account creation via Simple Registration - Maturity: Established {{#if: I2 | (I2 ) }}
Supports using Simple Registration to create an account associated with an OpenID Use a new OpenID at the RP Simple Registration used to retrieve necessary account profile parameters Form entry of data required that could have been obtained via Simple Registration

Tests


Feature-OpenID Relying Party support for Identifier Select

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party support for Identifier Select|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party support for Identifier Select - Maturity: Established {{#if: I4 | (I4 ) }}
Supports OpenID 2.0 "Identifier Select" (sec 14.1.1, and 7.3.2.1.1) Use an OpenID from an OP with a XRDS http://specs.openid.net/auth/2.0/server Service Endpoint The user is redirected to the OP with a dialog to select the identifier they want to use for the RP. Error or Exception

Tests


Feature-OpenID 2.0 Relying Party support for openID 1.1 delegations via rel links

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Relying Party openID 1.1 delegations via rel links|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID 2.0 Relying Party openID 1.1 delegations via rel links - Maturity: Established {{#if: I4 | (I4 ) }}
Accepts OpenID 1.1 delegations in discovered rel links (sec 11.2.1) Use a OpenID 1.0 URL that has a openid.delegate rel link The RP sends normalized input identifier as the claimed_id and the discovered value of openid.delegate as the openid.identity. The RP sends normalized input identifier as the openid.identity, or something other than the product of the second normalization as the openid.claimed_id

Tests

I5:FeatureTest-OpenID 2.0 Relying Party openID 1.1 delegations via rel links


Feature-OpenID 2.0 Relying Party Accepts Namespaced openID 1.1 delegations in XRDS documents

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party Accepts Namespaced openID 1.1 delegations in XRDS documents|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party Accepts Namespaced openID 1.1 delegations in XRDS documents - Maturity: Established {{#if: I4 | (I4 ) }}
Accepts OpenID 1.1 delegations in a XRDS document if namespacing is used in the XML Element (Yadis and XRI specs) Use an OpenID that has a openID delegation in the XRDS in the form of <openid:Delegate xmlns:openid="http://openid.net/xmlns/1.0"> http://ve7jtb.myvidoop.com</openid:Delegate> The user can log in to the RP using the delegated identity. The user cannot log in to the RP using the delegated identity.

Tests

I5:FeatureTest-OpenID Relying Party Accepts Namespaced openID 1.1 delegations in XRDS documents


Feature-OpenID 2.0 Relying Party support for openID 2.0 delegations via rel links

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Relying Party openID 2.0 delegations via rel links|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID 2.0 Relying Party openID 2.0 delegations via rel links - Maturity: Established {{#if: I4 | (I4 ) }}
Accepts OpenID 2.0 delegations in discovered rel links (sec 7.3.3) Use a OpenID 2.0 URL that has a openid2.local_id rel link The RP sends normalized input identifier as the claimed_id and the discovered value of openid.delegate as the openid.identity. The RP sends normalized input identifier as the openid.identity, or something other than the product of the second normalization as the openid.claimed_id

Tests

I5:FeatureTest-OpenID 2.0 Relying Party openID 2.0 delegations via rel links


Feature-OpenID 2.0 Relying Party support for OpenID 2.0 delegation via XRDS

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Relying Party support for OpenID 2.0 delegation via XRDS|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID 2.0 Relying Party support for OpenID 2.0 delegation via XRDS - Maturity: Established {{#if: I4 | (I4 ) }}
Supports OpenID 2.0 Delegated OpenIDs via XRDS Use an OpenID with a XRDS http://specs.openid.net/auth/2.0/signon Service Endpoint containing a <xrd:LocalID> element RP redirects to the OP with the <xrd:LocalID> element as the openid.identity, and the normalized input openID as the openid.claimed_id Failure or Exception

Tests

I5:FeatureTest-OpenID 2.0 Relying Party support for OpenID 2.0 delegation via XRDS


Feature-OpenID Relying Party uses Claimed_ID as it's primary Key

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party uses Claimed_ID as it's primary Key|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party uses Claimed_ID as it's primary Key - Maturity: Established {{#if: I4 | (I4 ) }}
Supports OpenID 2.0 Claimed_ID as the primary Key Use an OpenID with http:// and https:// URI schemes (no http redirect from http to https) RP treats the two forms as separate identifiers. The identifiers are treated as equivalent by the RP

Tests

I5:FeatureTest-OpenID Relying Party uses Claimed ID as its Primary Key


Feature-OpenID Relying Party has HMAC-SHA256 support

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party has HMAC-SHA256 support|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party has HMAC-SHA256 support - Maturity: Established {{#if: I4 | (I4 ) }}
Supports OpenID 2.0 HMAC-SHA256 (Sec 8.4.2) Use an OpenID from an OP with support for HMAC-SHA1 disabled. The user can log in to the RP. The user cannot log in to the RP

Tests


Feature-OpenID Relying Party Accepts unsolicited positive assertions

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party Accepts unsolicited positive assertions|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party Accepts unsolicited positive assertions - Maturity: Established {{#if: I4 | (I4 ) }}
Accepts OpenID 2.0 unsolicited positive assertions (Sec 10 and 11.2) Use an OpenID from an OP that supports bookmarks using unsolicited positive assertions. Create a bookmark for the RP. The user can log in to the RP directly from the OP bookmark without redirection. The user cannot log in to the RP directly from the OP bookmark without redirection.

Tests


Feature-OpenID Relying Party Publishes a XRDS document for its realm specifying the return to URL

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party Publishes a XRDS document for its realm specifying the return to URL|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party Publishes a XRDS document for its realm specifying the return to URL - Maturity: Established {{#if: I4 | (I4 ) }}
A XRDS document is published by the RP specifying the return to URL. (sec 13) Preform (Yadis/XRI resolution Sec 6) on the RPs realm A XRDS document containing a SEP of type http://specs.openid.net/auth/2.0/return_to is returned. An XRDS with the appropriate SEP is not found.

Tests


Feature-OpenID Relying Party validates the openid.return_to in the response

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party validates the openid.return_to in the response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party validates the openid.return_to in the response - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party validates the openid.return_to in the response against the URL processing the assertion (sec 11.1) Preform a openID login from an OP that modifies the openid.return_to value The positive assertion is rejected by the RP The RP accepts the positive assertion.

Tests


Feature-OpenID Relying Party validates positive assertions against Discovered Information

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party validates positive assertions against Discovered Information|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party validates positive assertions against Discovered Information - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party validates the openid.identity, openid.claimed_id, openid.op_endpoint and openid.ns against the discovered information (sec 11.2) Preform a openID login from an OP that modifies the openid.claimed_id The RP lets the user in if the new claimed_id verifies against discovered information, and does not if it does not verify The RP does not let the user in if the new claimed_id verifies against discovered information, or does allow accessif it does not verify

Tests


Feature-OpenID Relying Party validates an assertion with the same openid.response_nonce has not already been processed

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party validates an assertion with the same openid.response_nonce has not already been processed|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party validates an assertion with the same openid.response_nonce has not already been processed - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party must validate the openid.response_nonce to make sure that it has not already been accepted from the OP (sec 11.3) Preform multiple openID logins from a OP that returns the same openid.response_nonce each time. The RP rejects subsequent logins with the same nonce. The RP allows multiple logins with the same nonce.

Tests


Feature-OpenID Relying Party validates the signature on the assertion is valid and all fields that are required to be signed are signed

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party validates the signature on the assertion is valid and all fields that are required to be signed are signed|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party validates the signature on the assertion is valid and all fields that are required to be signed are signed - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party must validate the signature on the assertion is valid and all fields that are required to be signed are signed (OpenID sec 11.4) Preform a openID login from a OP that returns an invalid signature or elements not properly signed. The RP rejects the logins. The RP allows the logins.

Tests


Feature-OpenID Relying Party sends Accept request-header specifying MIME media type, application/xrds+xml when performing discovery

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party sends Accept request-header specifying MIME media type, application/xrds+xml when performing discovery|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party sends Accept request-header specifying MIME media type, application/xrds+xml when performing discovery - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party must send the Accept request-headerapplication/xrds+xml when performing discovery on a URL (OpenID sec 7.3, Yadis 1.0 sec 6.2.4) Preform a openID 2.0 login from a identifier that returns different OP endpoints via a direct XRDS reply and a X-XRDS-Location header. The RP uses the OP endpoint pointed to in the XRDS retrieved via the accept header. The RP uses the OP endpoint pointed to in the XRDS retrieved X-XRDS-Location header.

Tests


Feature-OpenID Relying Party follows XRDS level refs during resolution of XRI identifiers

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party follows XRDS level refs during resolution of XRI identifiers|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party follows XRDS level refs during resolution of XRI identifiers - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party must follow XRD level refs when resolving iNames (XRI 2.0 Resolution Sec 12.4) Preform a openID 2.0 login from a identifier that contains a XRD level REF to a XRD that contains the openID SEP. The RP uses the CID and SEP of the ref target XRI. The RP uses the CID and SEP of the ref source XRI, or fails.

Tests


Feature-OpenID Relying Party follows SEP level refs during resolution of XRI identifiers

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party follows SEP level refs during resolution of XRI identifiers|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID Relying Party follows SEP level refs during resolution of XRI identifiers - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party must follow SEP level refs when resolving iNames (XRI 2.0 Resolution Sec 12.4) Preform a openID 2.0 login from a identifier that contains a SEP level REF to a XRD that contains a openID SEP not containing a further ref. The RP uses the CID and SEP of the ref target XRI. The RP uses the CID and SEP of the ref source XRI, or fails.

Tests


Feature-OpenID 2.0 Relying Party Verify X.509 certificate associated with Identity Provider

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Relying Party Verify X.509 certificate associated with Identity Provider|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID 2.0 Relying Party Verify X.509 certificate associated with Identity Provider - Maturity: Established {{#if: I4 | (I4 ) }}
The X.509 Certificate of an Identity Provider should be validated in the following ways: the certificate chain should be validated, the certificate should be checked for revocation via CRL as per RFC 3280 or OCSP per RFC 2560, and the host associated with the certificate should match the host presenting the certificate. This should be done for the claimed_id and the OP endpoint as part of association. Preform a https: openID 2.0 login to a RP with a openID that has a revoked certificate. The RP should fail the login with an actionable message The RP allows the login, or error with no actionable message.

Tests


Feature-OpenID 2.0 Relying Party Requests and Accepts ID-WSF EPR via Attribute Exchange

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OpenID Relying Party Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID 2.0 Relying Party Requests and Accepts ID-WSF EPR token via Attribute Exchange|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=I5|as XML]]  edit
}}
OpenID Relying Party OpenID 2.0 Relying Party Requests and Accepts ID-WSF EPR token via Attribute Exchange - Maturity: Established {{#if: I4 | (I4 ) }}
The openID Relying Party receives a EPR token via AX (http://iiw.idcommons.net/index.php/OpenID_Bootstrapping_ID-WSF_2.0) Preform a openID 2.0 login to a RP that is a ID-WSF Web services client. The RP uses AX to retrieve a EPR token to access a ID-WSF service like the "People Service". (Yadis discovery of the EPR is optional) The RP doesn't request or process the EPR token.

Tests