clegaspi / saml_reader

A tool to parse and verify SAML response data for MongoDB Cloud.
MIT License

Validate signing certificate expiration date #47

Closed clegaspi closed 3 years ago

clegaspi commented 3 years ago

In the interest of implementing a short-term solution to #11, we could add a comparison field for the expected expiration date for the SAML signing certificate. This is displayed in the Atlas federation console and should match the expiration on the certificate pulled from the SAML response (in fact, I'm almost positive those certificates are identical). This test should only be run if a certificate is included in the SAML response (some omit them). So, we should have a pre-test which checks for the existence of the certificate. This will be a necessary step for testing on heuristics gathered from certs (i.e. #8).
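
One way to implement the check proposed in this issue, as an added example that is not saml_reader's own code: a pre-test skips responses with no embedded certificate, otherwise the certificate's `notAfter` is compared with the expected expiration date. The function names, the ISO-format `expected` argument, the comparison by UTC calendar date, and the constructed DER skeleton used as sample input are all assumptions.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import date, datetime, timezone

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML-DSig namespace of X509Certificate

def read_tlv(buf, pos):  # one DER element -> (tag, value_start, value_end)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def cert_not_after(der):
    """Return notAfter of a DER X.509 certificate as an aware UTC datetime."""
    _, pos, _ = read_tlv(der, 0)          # Certificate SEQUENCE
    _, pos, _ = read_tlv(der, pos)        # TBSCertificate SEQUENCE
    tag, _, end = read_tlv(der, pos)
    if tag == 0xA0:                       # optional [0] version
        pos = end
    for _field in ("serialNumber", "signature", "issuer"):
        _, _, pos = read_tlv(der, pos)    # skip each field
    _, pos, _ = read_tlv(der, pos)        # Validity SEQUENCE
    _, _, pos = read_tlv(der, pos)        # skip notBefore
    tag, start, end = read_tlv(der, pos)  # notAfter
    text = der[start:end].decode("ascii")
    if tag == 0x17:                       # UTCTime: two-digit year, RFC 5280 pivot at 50
        text = ("19" if text[:2] >= "50" else "20") + text
    return datetime.strptime(text, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def check_cert_expiration(saml_xml, expected):
    """Return 'skipped' when no certificate is embedded, else 'match' or 'mismatch'."""
    # ElementTree is enough for the constructed sample; use defusedxml for untrusted XML.
    node = ET.fromstring(saml_xml).find(f".//{DS}X509Certificate")
    if node is None or not (node.text or "").strip():
        return "skipped"                  # pre-test: nothing to compare against
    der = base64.b64decode("".join(node.text.split()))
    return "match" if cert_not_after(der).date() == date.fromisoformat(expected) else "mismatch"

def tlv(tag, body):  # short-form DER encoder, used only to build the sample below
    return bytes([tag, len(body)]) + body

# Constructed sample: a DER skeleton with the fields up to Validity, not a real signed cert.
VALIDITY = tlv(0x30, tlv(0x17, b"240101000000Z") + tlv(0x17, b"270101000000Z"))
TBS = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + tlv(0x30, b"") * 2 + VALIDITY)
SAMPLE_CERT = base64.b64encode(tlv(0x30, TBS)).decode()
WITH_CERT = ('<Response><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><KeyInfo><X509Data>'
             f"<X509Certificate>{SAMPLE_CERT}</X509Certificate></X509Data></KeyInfo></Signature></Response>")
WITHOUT_CERT = "<Response><Issuer>constructed-idp</Issuer></Response>"
```

`check_cert_expiration(WITH_CERT, "2027-01-01")` returns `"match"`, and the same call on `WITHOUT_CERT` returns `"skipped"` rather than failing.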