...
R4. It must accept SP requests for authentication contexts via the standard SAML2 Authentication Request Protocol.
a. This is a requirement for InCommon Bronze Identity Assurance profile, as well as Silver and MFAmulti-factor authentication, if supported.
To support a higher level of assurance of identity for higher risk or higher value services, an SP needs a way to signal to the IdP that it needs a particular level of authentication. The Security Assertion Markup Language (SAML) protocol defines a way to signal the need for a specific authentication context. Requirement R4 obliges the IdP of Last Resort to support this part of the SAML protocol. When the US Government begins requiring Assurance profile support for credentials, the Identity Provider will be able to provide them.
R5. It must support SAML Enhanced Client or Proxy (ECP).
...