I3:Information Card Identity Selector Features
From OSIS Open Source Identity Systems
Feature-Basic use of Self-Issued Information Card
| list help copy as XML edit |
| Information Card Identity Selector Basic use of Self-Issued Information Card - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for self-issued cards containing claims maintained by the user. | Verify correct communication of self-issued claim values | Required and selected optional claims delivered | Additional claims delivered or some selected claims not delivered |
Tests
I3:FeatureTest-Selector Use with Self-Issued Cards
Feature-Basic use of PIN-protected Self-Issued Information Card
| list help copy as XML edit |
| Information Card Identity Selector Basic use of PIN-protected Self-Issued Information Card - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for self-issued cards protected by a user-set PIN number | Use a self-issued information card protected by a PIN number | Required and selected optional claims delivered | Additional claims delivered or some selected claims not delivered |
Tests
I3:FeatureTest-Selector PIN-protection of Cards
Feature-Basic use of Managed Card backed by Self-Issued Information Card
| list help copy as XML edit |
| Information Card Identity Selector Basic use of Managed Card backed by Self-Issued Information Card - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a self-issued card. | Create a managed card backed by a self-issued card, import it into the Selector, and use it at a relying party. | Works | Fails |
Tests
I3:FeatureTest-Selector with card-backed Managed Cards
Feature-Basic use of Managed Card backed by X.509 Certificate
| list help copy as XML edit |
| Information Card Identity Selector Basic use of Managed Card backed by X.509 Certificate - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Support for import and use of a managed card backed by an X.509 certificate | Create a managed card backed by an X.509 certificate, import it into the Selector, and use it at a relying party. | Works | Fails |
Tests
I3:FeatureTest-Selector Support for Managed Card backed by X.509 Certificate
Feature-Basic use of Managed Card backed by Kerberos
| list help copy as XML edit |
| Information Card Identity Selector Basic use of Managed Card backed by Kerberos - Maturity: Emerging | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a Kerberos ticket | Create a managed card backed by a Kerberos ticket, import it into the Selector, and use it at a relying party. | Works or fails with actionable error message | Fails |
Tests
Feature-Basic use of Managed Card backed by Username and Password
| list help copy as XML edit |
| Information Card Identity Selector Basic use of Managed Card backed by Username and Password - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for import and use of a managed card backed by a username and password | Create a managed card backed by a password, import it into the Selector, and use it at a relying party. | Possible to specify a password and complete the transaction | Error or unable to specify a password |
Tests
I3:FeatureTest-Selector with UNPW-backed Managed Cards
Feature-Support for Auditing Cards
| list help copy as XML edit |
| Information Card Identity Selector Support for Auditing Cards - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Cards with mandatory RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card with mandatory RequireAppliesTo. | If AppliesTo supplied by RP, send AppliesTo value from RP policy in token request to IP. If not supplied, send the RP endpoint to which token will be sent as the value of AppliesTo in token request to IP. | Other behaviors |
Tests
I3:FeatureTest-Selector Support for Auditing Cards
Feature-Support for Auditing-Optional Cards
| list help copy as XML edit |
| Information Card Identity Selector Support for Auditing-Optional Cards - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Cards with optional RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card with optional RequireAppliesTo. | If AppliesTo supplied by RP, send AppliesTo value from RP policy in token request to IP. If not supplied, do not send AppliesTo in token request to IP. | Other behaviors |
Tests
I3:FeatureTest-Selector Support for Auditing-Optional Cards
Feature-Support for Non-Auditing Cards
| list help copy as XML edit |
| Information Card Identity Selector Support for Non-Auditing Cards - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Cards without RequireAppliesTo property, as per ISIP § 4.1.1.5, 4.3.3 | Import and use card without RequireAppliesTo | If AppliesTo supplied by RP, fail with actionable error message. If not, Do not send AppliesTo in token request to IP. | Other behaviors |
Tests
I3:FeatureTest-Selector Support for Non-Auditing Cards
Feature-Cards supporting multiple token types
| list help copy as XML edit |
| Information Card Identity Selector Cards supporting multiple token types - Maturity: Emerging | |||
|---|---|---|---|
| As per ISIP § 4.1.1.3 | Import and use card capable of offering multiple token types | Token type requested is delivered | Card fails to match for some token types. Token of wrong type delivered. |
Tests
Feature-Cards supporting multiple authentication methods
| list help copy as XML edit |
| Information Card Identity Selector Cards supporting multiple authentication methods - Maturity: Emerging | |||
|---|---|---|---|
| As per ISIP § 4.1.1.2 | Import and use card supporting multiple authentication methods | Selector uses all endpoints in order until one succeeds | Only first endpoint tried |
Tests
Feature-Import .crd file containing Managed Card
| list help copy as XML edit |
| Information Card Identity Selector Import .crd file containing Managed Card - Maturity: Established (I1 ) | |||
|---|---|---|---|
| A single card can be imported from a .crd file | Import card from .crd file | Successful card import | Error or Exception |
Tests
I3:FeatureTest-Selector Import of .crd Files
Feature-Export one or more Cards to .crds file
| list help copy as XML edit |
| Information Card Identity Selector Export one or more Cards to .crds file - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Cards can be exported to the .crds file format | Export cards to .crds file | Successful Export | Error or Exception |
Tests
I3:FeatureTest-Selector Import-Export of .crds Files
Feature-Import Cards from .crds file
| list help copy as XML edit |
| Information Card Identity Selector Import Cards from .crds file - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Cards can be imported from the .crds file format. | Import a valid .crds file | Successful Import | Error or Exception |
Tests
I3:FeatureTest-Selector Import-Export of .crds Files
Feature-Relying Party specific identifiers constructed for Self-Issued Cards and standard SSL Relying Party certificate
| list help copy as XML edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards and standard SSL Relying Party certificate - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Privatepersonalidentifier, signing key, and if present, friendly identifier must be compatible for sites using a standard SSL Certificate as per ISIP § 8.6, 4.3.4 | Use a self-issued card at an RP site using Standard SSL certificates and assess correctness of identifiers created. | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I3:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Relying Party specific identifiers constructed for Self-Issued Cards and EV SSL Relying Party certificate
| list help copy as XML edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards and EV SSL Relying Party certificate - Maturity: Emerging | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier if present must be compatible for EV SSL sites for self-issued cards as per ISIP § 8.6, 4.3.4 | Use an information card at a site with an EV certificate and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
Feature-Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo supplied
| list help copy as XML edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo supplied - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier if present must be compatible for sites providing a wsp:AppliesTo element for self-issued cards as per ISIP § 8.6, 4.3.4 | Use an information card at a site known to provide wsp:AppliesTo element and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I3:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo not supplied
| list help copy as XML edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards when AppliesTo not supplied - Maturity: Emerging | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, ClientPseudonym handling, and friendly identifier if present must be compatible for sites not providing an wsp:AppliesTo element as per ISIP § 8.6, 4.3.4 | Use an information card at a site known to not provide wsp:AppliesTo element and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
Feature-Retrieval and display of Display Token values for Managed Cards
| list help copy as XML edit |
| Information Card Identity Selector Retrieval and display of Display Token values for Managed Cards - Maturity: Established (I2 ) | |||
|---|---|---|---|
| Correctly show the display token values provided with a token by an Identity Provider from the Identity Selector as per ISIP § 4.3.6 | Retrieve managed card attributes from within an Identity Selector, and compare results to what is passed to an RP | Displays current token correctly. | Other behavior |
Tests
I3:FeatureTest-Selector Display of Managed Card Display Tokens
Feature-Display Identity Provider Privacy Policy from Managed Card
| list help copy as XML edit |
| Information Card Identity Selector Display Identity Provider Privacy Policy from Managed Card - Maturity: Emerging | |||
|---|---|---|---|
| Display from the Selector a link to the IdP privacy policy, if present in a managed card as per ISIP § 4.1.1.6 | Attempt to view the privacy policy for a managed card with a known embedded value | Link is displayed, matches value in card | Link not displayed, value doesn’t match |
Tests
Feature-Display Relying Party Privacy Policy
| list help copy as XML edit |
| Information Card Identity Selector Display Relying Party Privacy Policy - Maturity: Established (I2 ) | |||
|---|---|---|---|
| Display from the Selector a link to the RP privacy policy as per ISIP § 3.2 | Attempt to view the privacy policy for an RP with a known available value | Link is displayed, matches value in card | Link not displayed, value doesn’t match |
Tests
I3:FeatureTest-Selector Display of RP Privacy Policy
Feature-Display Relying Party certificate details on initial Relying Party site access
| list help copy as XML edit |
| Information Card Identity Selector Display Relying Party certificate details on initial Relying Party site access - Maturity: Emerging | |||
|---|---|---|---|
| Show standard certificate detail information on first access to an RP | Access an RP Site unknown to the Selector, but known to use a standard SSL certificate | Correct Details Shown | No Details Shown or Incorrect Details Shown |
Tests
Feature-Display Relying Party certificate details on demand
| list help copy as XML edit |
| Information Card Identity Selector Display Relying Party certificate details on demand - Maturity: Emerging | |||
|---|---|---|---|
| Show standard certificate detail information during any transaction with that RP, at user’s request | Access an RP Site known to the Selector and known to use a standard SSL certificate | Correct Details Shown | No Details Shown or Incorrect Details Shown |
Tests
Feature-Display Identity Provider certificate details on Card import
| list help copy as XML edit |
| Information Card Identity Selector Display Identity Provider certificate details on Card import - Maturity: Emerging | |||
|---|---|---|---|
| Show IdP Standard SSL certificate detail information on demand by user | Import a card produced by an IdP known to use a standard SSL certificate | Correct Certificate Details Shown | No Details Shown or Incorrect Details Shown |
Tests
Feature-Display fault reason text from SOAP Faults
| list help copy as XML edit |
| Information Card Identity Selector Display fault reason text from SOAP Faults - Maturity: Emerging | |||
|---|---|---|---|
| Support for SOAP Faults as per ISIP § 6 and http://blogs.msdn.com/card/archive/2007/10/04/how-identity-providers-can-show-custom-error-messages-in-cardspace.aspx | Simulate Each Fault | Fault is recognized and acted upon | Fault ignored or exception caused |
Tests
Feature-Support for Identity Provider using Transport Binding to secure SOAP message
| list help copy as XML edit |
| Information Card Identity Selector Support for Identity Provider using Transport Binding to secure SOAP message - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for IdP use of transport security to secure the transaction on the channel as per ISIP Guide § 5.1.1.1 and WS-SecurityPolicy 1.2 § 8.3 | Use a managed card whose provider is known to use transport binding against an RP that is also known to correctly handle transport binding. | Successful transaction | Error or exception |
Tests
Feature-Support for Identity Provider using Symmetric Binding to secure SOAP message
| list help copy as XML edit |
| Information Card Identity Selector Support for Identity Provider using Symmetric Binding to secure SOAP message - Maturity: Emerging | |||
|---|---|---|---|
| Support for IdP use of message security, specifically a symmetric binding to secure the transaction on the channel as per ISIP Guide § 5.1.1.2 and WS-SecurityPolicy 1.2 § 8.4 | Use a managed card whose provider is known to use symmetric binding against an RP that is also known to correctly handle symmetric binding. | Successful transaction | Error or exception |
Tests
Feature-Support for Identity Provider using Asymmetric Binding to secure SOAP message
| list help copy as XML edit |
| Information Card Identity Selector Support for Identity Provider using Asymmetric Binding to secure SOAP message - Maturity: Emerging | |||
|---|---|---|---|
| Support for IdP use of message security, specifically an asymmetric binding to secure the transaction on the channel as per WS-SecurityPolicy 1.2 § 8.5. (Do not test in this Interop if not implemented by any Selector.) | Use a managed card whose provider is known to use asymmetric binding against an RP that is also known to correctly handle asymmetric binding. | Successful transaction | Error or exception |
Tests
Feature-Accept Policy Data from Relying Parties using Relying Party STS
| list help copy as XML edit |
| Information Card Identity Selector Accept Policy Data from Relying Parties using Relying Party STS - Maturity: Established (I2 ) | |||
|---|---|---|---|
| Support for use of an RP/STS to communicate RP policy data as per ISIP Guide § 3 | Access an RP Site using an RP/STS & verify policy received. | Complete policy received | Incorrect or incomplete policy received or Selector not triggered |
Tests
I3:FeatureTest-Selector Support for Relying Party STSs
Feature-Accept Policy Data from Rich Client Application using a separate Relying Party
| list help copy as XML edit |
| Information Card Identity Selector Accept Policy Data from Rich Client Application using a separate Relying Party - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Ability for Selector to be triggered from a rich client application (with no browser used) and to receive RP policy data from a separate Relying Party | Demonstrate using the Identity Selector from a smart client application (with no browser involved) where the user selects a card and causes a token to be sent to a relying party | Selector invoked and token from selected card sent to relying party | Selector not invoked, token not sent to RP, or other failures |
Tests
I3:FeatureTest-Selector Support for Rich Clients
Feature-Accept Policy Data from Rich Client Application that is also the Relying Party
| list help copy as XML edit |
| Information Card Identity Selector Accept Policy Data from Rich Client Application that is also the Relying Party - Maturity: Emerging | |||
|---|---|---|---|
| Ability for Selector to be triggered from a rich client application (with no browser used), and to receive RP policy data from that rich application | Demonstrate using the Identity Selector from a smart client application (with no browser involved) where the user selects a card and causes a token to be sent to the application from an identity provider | Selector invoked and token from selected card delivered to application | Incorrect or incomplete policy, or Selector not triggered |
Tests
Feature-Identity Selector support for SOAP 1.1
| list help copy as XML edit |
| Information Card Identity Selector Identity Selector support for SOAP 1.1 - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for IdP & RP Components which use SOAP 1.1 | Access components that are known to exclusively use SOAP 1.1 | Transaction Succeeds | Error or Exception |
Tests
Feature-Identity Selector support for WS-Trust 1.2, WS-SecurityPolicy 1.1
| list help copy as XML edit |
| Information Card Identity Selector Identity Selector support for WS-Trust 1.2, WS-SecurityPolicy 1.1 - Maturity: Established (I1 ) | |||
|---|---|---|---|
| Support for IdP and RP Components which use WS-Trust 1.2 and WS-SecurityPolicy 1.1 as per ISIP and ISIP Guide | Access components that are known to exclusively use ISIP versions of WS-Trust & WS-SecurityPolicy | Transaction Succeeds | Error or Exception |
Tests
Feature-Support for editing Self-Issued Information Cards
| list help copy as XML edit |
| Information Card Identity Selector Support for editing Self-Issued Information Cards - Maturity: Established (I2 ) | |||
|---|---|---|---|
| Allow user to edit a self-issued information card already held in the Selector to contain new information from the user | Attempt to edit self-issued card information | Unable to update or self-issued cards | Able to update and save self-issued cards |
Tests
Feature-Notify user of need for Managed Information Card refresh
| list help copy as XML edit |
| Information Card Identity Selector Notify user of need for Managed Information Card refresh - Maturity: Emerging | |||
|---|---|---|---|
| If, on attempted use of a managed information card, the Identity Provider returns an InformationCardRefreshRequired SOAP Fault, Selector must notify the user as per ISIP § 4.1.1.1, 4.3.1, 6.2 | Attempt to use a card which needs a refresh | User notified of more recent card version | No notification of new version |
Tests
Feature-Notify user on Card import if imported Card already exists in Card Store
| list help copy as XML edit |
| Information Card Identity Selector Notify user on Card import if imported Card already exists in Card Store - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Notify the user if, during card import, Selector detects an incoming card is a duplicate of one that exists in the card store | Attempt to import a card that is already in the card store | User notified and given choice of whether to import | User not notified or error |
Tests
I3:FeatureTest-Selector preserves MasterKey when overwriting card
Feature-Relying Party specific identifiers constructed for Self-Issued Cards at Relying Parties using HTTP
| list help copy as XML edit |
| Information Card Identity Selector Relying Party specific identifiers constructed for Self-Issued Cards at Relying Parties using HTTP - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| privatepersonalidentifier, signing key, and friendly identifier compatible for no-SSL sites for self-issued cards as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Use an information card at a site not using an SSL Certificate and verify the resulting PPID and friendly ID | Identifiers match ISIP specifications | Identifiers do not meet ISIP specifications |
Tests
I3:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Support for Relying Parties using HTTP
| list help copy as XML edit |
| Information Card Identity Selector Support for Relying Parties using HTTP - Maturity: Established (I2 ) | |||
|---|---|---|---|
| Support for use of a no-SSL RP as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Access an http-only RP Site and use an Information Card | Requested claims provided | Selector not triggered |
Tests
I3:FeatureTest-Selector Constructs Site-Specific Identifiers for Self-Issued Cards
Feature-Identity Selector support for SOAP 1.2
| list help copy as XML edit |
| Information Card Identity Selector Identity Selector support for SOAP 1.2 - Maturity: Emerging | |||
|---|---|---|---|
| Support for IdP & RP Components which use SOAP 1.2 | Access components that are known to exclusively use SOAP 1.2 | Transaction Succeeds | Error or Exception |
Tests
Feature-Identity Selector support for WS-Trust 1.3, WS-SecurityPolicy 1.2
| list help copy as XML edit |
| Information Card Identity Selector Identity Selector support for WS-Trust 1.3, WS-SecurityPolicy 1.2 - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Support for IdP and RP Components which use WS-Trust 1.3 and WS-SecurityPolicy 1.2 (the OASIS standard versions) as per http://blogs.msdn.com/card/archive/2007/11/22/cardspace-support-for-oasis-ws-sx-standards.aspx | Access components that are known to exclusively use OASIS versions of WS-Trust & WS-SecurityPolicy | Transaction Succeeds | Error or Exception |
Tests
I3:FeatureTest-Selector Support for WS-Trust 1.3 and WS-SecurityPolicy 1.2
Feature-Enforcement of IdP choice to limit use of Card to only sites with SSL
| list help copy as XML edit |
| Information Card Identity Selector Enforcement of IdP choice to limit use of Card to only sites with SSL - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Restriction of site access when a card is used that limits card access to non-SSL Sites as per http://blogs.msdn.com/card/archive/2007/09/25/deploy-cardspace-on-your-site-without-a-ssl-certificate.aspx | Import HTTPS only card and try to use it at https and http sites | Card usable at an https site but can not be selected to use at an http site | Card can not be imported or not usable at https site or can be used at an http site |
Tests
I3:FeatureTest-Selector Support for RequireStrongRecipientIdentity
Feature-Identity Selector informs user when an RP site Privacy Policy has Changed
| list help copy as XML edit |
| Information Card Identity Selector Identity Selector informs user when an RP site Privacy Policy has Changed - Maturity: Emerging | |||
|---|---|---|---|
| Selector must be able to detect when a new version of the RP privacy policy is available, and notify the user | Trigger a Selector transaction where the privacy policy has changed | User is notified | User is not notified |
Tests
Feature-PPID for Auditing Managed Card remains the same after overwriting card in Selector
| list help copy as XML edit |
| Information Card Identity Selector PPID for Auditing Managed Card remains the same after overwriting card in Selector - Maturity: Emerging (I3 ) | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record PPID. Import second version of the card, and verify that the PPID doesn’t change. | The card generates the same PPID after being overwritten | PPID changes after the card is overwritten |
Tests
I3:FeatureTest-Selector preserves MasterKey when overwriting card
Feature-PPID for Auditing Managed Card remains the same after updating card to newer version in Selector
| list help copy as XML edit |
| Information Card Identity Selector PPID for Auditing Managed Card remains the same after updating card to newer version in Selector - Maturity: Emerging | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record PPID. Import second version of the card, and verify that the PPID doesn’t change. | Different versions of the same card generate the same PPID | PPID changes between versions of the card |
Tests
Feature-PPID for Non-Auditing Managed Card remains the same after updating card to newer version in Selector
| list help copy as XML edit |
| Information Card Identity Selector PPID for Non-Auditing Managed Card remains the same after updating card to newer version in Selector - Maturity: Emerging | |||
|---|---|---|---|
| Information provided to the Identity Provider for the card used to generate the PPID is consistent between old and new version of the card | Import one version of the card, use it, and record PPID. Import second version of the card, and verify that the PPID doesn’t change. | Different versions of the same card generate the same PPID | PPID changes between versions of the card |
Tests
Feature-Verify AppliesTo information is present in Relying Party policy when Auditing Card used
| list help copy as XML edit |
| Information Card Identity Selector Verify AppliesTo information is present in Relying Party policy when Auditing Card used - Maturity: Emerging | |||
|---|---|---|---|
| Check that the RP has returned token scope information with AppliesTo when the card used at the RP is auditing mandatory (Behavior per Token Scope table in ISIP § 4.3.3) | Use an Auditing mandatory card in an RP transaction where the RP does not supply AppliesTo | Actionable Message | Other behavior |
Tests
Feature-Verify AppliesTo information is not present in Relying Party policy when Non-Auditing Card used
| list help copy as XML edit |
| Information Card Identity Selector Verify AppliesTo information is not present in Relying Party policy when Non-Auditing Card used - Maturity: Emerging | |||
|---|---|---|---|
| Check that the RP has not returned token scope information with AppliesTo when the card used at the RP is non-auditing (behavior per Token Scope table in ISIP § 4.3.3) | Use a non-auditing card with an RP where the RP supplies AppliesTo | Fail with actionable error message. | Other behavior |
Tests
Feature-Verify format of .crd file prior to import
| list help copy as XML edit |
| Information Card Identity Selector Verify format of .crd file prior to import - Maturity: Emerging | |||
|---|---|---|---|
| Check that the .crd file is a valid XML document before importing it | Attempt to import a faulty .crd file | Failure with actionable message | Exception, no error notification |
Tests
Feature-Validate certificate signing .crd file prior to import
| list help copy as XML edit |
| Information Card Identity Selector Validate certificate signing .crd file prior to import - Maturity: Emerging | |||
|---|---|---|---|
| Validate that the certificate signing the .crd file is the certificate of the owner of the STS | Attempt to import a .crd file signed by a certificate different than that of the issuing STS | Failure with actionable message | Exception, no error notification |
Tests
Feature-Verify format of .crds file prior to import
| list help copy as XML edit |
| Information Card Identity Selector Verify format of .crds file prior to import - Maturity: Emerging | |||
|---|---|---|---|
| Check that the .crds file is a valid XML document before importing it | |||