net.ihe.gazelle.assets.SearchCriteria : 58 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ITI40ITI40-001reviewedTestable 0 0 The X-Service User and X-Service Provider use the X-Assertion Provider as the third party issuer of the claimed identity assertion.144Section 3.40.11/29/19 2:23:47 PM by epoiseau
ITI40ITI40-002reviewedTestable 0 0 The X-Service Provider uses the X-Assertion Provider as the third party issuer of the X-User assertion144Section 3.40.11/29/19 2:23:47 PM by epoiseau
ITI40ITI40-003reviewedTestable 0 0 The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary149Section 3.40.1.13/24/17 3:03:16 PM by epoiseau
ITI40ITI40-004reviewedTestable 0 0 The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary149Section 3.40.1.13/24/17 3:03:16 PM by epoiseau
ITI40ITI40-005reviewedTestable 0 0 The X-Service User shall include the OASIS Web Services Security (WSS) Header146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-006reviewedTestable 0 0 The X-Service User shall include a SAML 2.0 Assertion as the security token146Section 3.40.4.1.21/29/19 2:23:58 PM by epoiseau
ITI40ITI40-007reviewedTestable 0 0 Any ATNA Audit Messages that the X-Service User records in relationship to a transaction protected by the XUA shall have the user identity recorded according to the XUA specific ATNA encoding rules in Section 3.40.4.2 ATNA Audit encoding).0Section 3.40.4.1.2 and 3.40.4.1.33/24/17 3:03:16 PM by epoiseau
ITI40ITI40-008reviewedTestable 0 0 Note this is effectively a duplicate of the previous assertionAny ATNA Audit Messages recorded by Actor grouped with the X-Service User Actor, shall have the user identity recorded according to the XUA specific ATNA encoding rules (See 3.40.4.2 ATNA Audit encoding).146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-009reviewedTestable 0 0 The SAML assertion sent by the X-Service User shall contain a Subject. The Subject contains the logical identifier of the principal performing the original service request146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-010reviewedTestable 0 0 The Subject in the SAML assertion sent by the X-Service User shall remain unchanged through operations acting on the assertion.146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-011reviewedTestable 0 0 The Subject in the SAML assertion sent by the X-Service User shall contain a SubjectConfirmation element.146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-012reviewedTestable 0 0 The X-Service User shall support the bearer confirmation method as defined in the SAML 2.0 Profile specification, Section 3.146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-013reviewedTestable 0 0 In the SAML Assertion Conditions element, the NotBefore element shall be populated with the issue instant of the Assertion146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-014reviewedTestable 0 0 The SAML Assertion Conditions element, sall contain an AudienceRestriction containing an Audience whose value is a URI identifying the X-Service Provider.146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-015reviewedTestable 0 0 An X-Service User may ignore a ProxyRestriction condition.146Section 3.40.4.1.21/29/19 2:23:58 PM by epoiseau
ITI40ITI40-016reviewedTestable 0 0 An X-Service Provider may ignore a ProxyRestriction condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-017reviewedTestable 0 0 An X-Service User may ignore a OneTimeUsecondition.146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-018reviewedTestable 0 0 An X-Service Provider may ignore a OneTimeUse condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-019reviewedTestable 0 0 The SAML assertion sent by the X-Service User shall contain an AuthnStatement to specify the AuthnContextClassRef or AuthnContextDeclRef 146Section 3.40.4.1.21/29/19 2:23:47 PM by epoiseau
ITI40ITI40-020reviewedTestable 0 0 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute.0Section 3/24/17 3:03:16 PM by epoiseau