Interop Capabilities: Identity Provider

From OSIS Open Source Identity Systems


Edit History

  • 2007.6.6 dr: add VeriSign to the grid
  • 2007.4.17B pt: updated per our discussion on the OSIS-interop call today
  • 2007.4.17 pt: Added strikethroughs, and some comments to the table itself
  • 2007.4.17 aj: Filled in column for Ping Identity.
  • 2007.4.16 mbj: Filled in MS IdP Sample column
  • 2007.4.16 pt: added Higgins column. Edited both Bandit Wag/Higgins and Higgins columns
  • 2007.4.4: pt: starting to fill in Higgins
  • 2007.3.20: pd: created initial table


Identity Provider Interop Feature Plan - June 6, 2007 (v7)
Feature | MS IdP Sample | Bandit Wag/Higgins | Higgins | Ping Identity | xmldap.org | VeriSign
Managed Card Generation
Can create a managed card with the .crd file format yes X X X X X
Policy Advertisement
Policy Advertisement (MEX) yes X X X X X
Claim Types
Can support xmlsoap.org identity claim types yes X X X X X
Can support other claim types yes? X X X OpenID URL
Encryption & Signing of Tokens
Uses AES 256-bit encryption yes? X X X X X
Managed Card Authentication
Users can use username/password to authenticate yes X X X X X
Users can use X.509 certificates to authenticate yes X X
New row: Users can use SAML certificates to authenticate X X
Users can use Kerberos tickets to authenticate no X X
Users can use a self-issued information card to authenticate yes X X X
Additional STS Support
Backend Interoperability
Liberty SAML no X
LDAP no X
OpenID Provider no X X X


Generated Token Types
Will send SAML 1.1 tokens yes X X X X X
Will send SAML 2.0 tokens no?
Logging/Audit This section isn't clear
Can configure IdP to track places where tokens have been sent no? X X
Can configure IdP to NOT track places where tokens have been sent yes X X
Optional Capabilities
Managed Card Unlinkability (if IdP publishes PPID)
PPID is different for each RP yes X X X
PPID is provably related to the IdP public key What does this mean? what does this mean? X X