...
- Ensures that the SAML 2.0 elements conform to the SAML 2 Profile for the Code of Conduct.
- See SAML 2 Profile for the Code of Conduct for details.
- Reminds the Service Provider to check that the Service Provider's
mdui:Description
andmdui:DisplayName
elements are understandable and useful for common end users.- See SAML 2 Profile for the Code of Conduct for details.
- Checks that the Service Provider's Privacy Policy document is available and indicates commitment to the Code of Conduct
- See Privacy policy guidelines for Service Providers for details.
- Reminds the Service Provider to make sure that the list of requested attributes is consistent with the Privacy Policy document.
...
Notice, that there is no obligation for the Home Federation Operator to check that the Service Provider is compliant with the Code of Conduct. However, if the Home Federation Operator is informed or it is obvious that the Service Provider is not in compliance, the Home Federation Operator can refuse to register the Service Provider’s assertion that it complies with the Code of Conduct ("bonus pater familias" principle). That is not expected to make the Home Federation Operator liable for the Service Provider’s non-compliance.
- See Handling non-compliance for general proposals if there are doubts of non-compliance.
...