...
The InCommon MFA Support Entity Category, identified by the URI http://xxxxxx, is used by Identity Providers to assert compliance with the criteria of the InCommon MFA Profile and the InCommon Base Level Profile. [Do we want this? I think it's needed for purpose 3 below.] The entity category is self-certified; federations may associate it with any IdP whose operator claims that compliance. Do we want this? I think it's needed for purpose 3 below.
Purpose
The MFA Support Entity Category is intended to be used for the following purposes:
...