I4:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication
From OSIS Open Source Identity Systems
| list help copy as XML edit |
| Feature Test | OpenID Provider Support for Phishing-Resistant Authentication |
| Test Type | PAPE Support |
| Identifier | FTR-op-pape-1 |
| Description | Tests OpenID Provider's support for satisfying PAPE Phishing-Resistant Authentication |
| Role tested | OpenID Identity Provider |
| Known Successful Reference Solution(s) | I4:SignOn.com |
| Success Criteria | Correct PAPE response provided when phishing-resistant authentication method used |
| Failure Criteria | No or incorect PAPE response provided, failure, or exception |
Features Proven
| Feature | feature_type | solution_role |
|---|---|---|
| Provides Phishing-Resistant Authentication | OpenID Identity Provider | interop |
Instructions
- Open the result page for your solution and for this test.
- Visit the I4:JanRain Python sample relying party.
- Check the box next to the phishing-resistant URL.
- Enter your OpenID and submit it.
- Sign into your OpenID provider using a phishing-resistant authentication method.
- Verify that the relying party is displaying "An authentication policy response contained these policies: http://schemas.openid.net/pape/policies/2007/06/phishing-resistant".
- Set outcome:
- If the success criteria was met, set the outcome to "Works".
- If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
- If other issues occurred set the result to "Issues" and describe them in the Notes section.
- Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
- Update the Date Tested, Browser, and Operating System lines of the results page.
