...
For an Identity Provider to conform to this REFEDS Assurance Framework it is REQUIRED to conform to the following baseline expectations for Identity Providers:1.
- The Identity Provider is operated with organizational-level authority
...
- The Identity Provider is trusted enough that it is (or it could be) used to access the organization’s own systems
...
- Generally-accepted security practices are applied to the Identity Provider
...
- Federation metadata is accurate, complete, and includes at least one of the following: support, technical, admin, or security contacts
[2] https://refeds.org/assurance/ID/unique
...