I4:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication

From OSIS Open Source Identity Systems

Jump to: navigation, search

   list help  copy  as XML  edit
Feature Test   OpenID Provider Support for Phishing-Resistant Authentication
Test Type   PAPE Support
Identifier   FTR-op-pape-1  
Description   Tests OpenID Provider's support for satisfying PAPE Phishing-Resistant Authentication  
Role tested   OpenID Identity Provider  
Known Successful Reference Solution(s)  
I4:SignOn.com  
Success Criteria   Correct PAPE response provided when phishing-resistant authentication method used  
Failure Criteria   No or incorect PAPE response provided, failure, or exception  

Features Proven

Feature feature_type solution_role
Provides Phishing-Resistant Authentication OpenID Identity Provider interop
  1. Open the result page for your solution and for this test.
  2. Visit the I4:JanRain Python sample relying party.
  3. Check the box next to the phishing-resistant URL.
  4. Enter your OpenID and submit it.
  5. Sign into your OpenID provider using a phishing-resistant authentication method.
  6. Verify that the relying party is displaying "An authentication policy response contained these policies: http://schemas.openid.net/pape/policies/2007/06/phishing-resistant".
  7. Set outcome:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  8. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  9. Update the Date Tested, Browser, and Operating System lines of the results page.
Retrieved from "http://osis.idcommons.net/wiki/I4:FeatureTest-OpenID_Provider_Support_for_Phishing-Resistant_Authentication"