...
(Mostly expected for inclusion in saml2int, but may require additional review)
Protocol Support
This document describes a deployment profile of certain SSO Profiles of SAML V2.0 [ref] for deployers of SAML software. Two SAML SSO profiles are constrained by this deployment profile: the SAML V2.0 Web Browser SSO Profile and the SAML V2.0 Single Logout Profile. [ref]
All deployments MUST support the SAML V2.0 Web Browser SSO Profile [ref] as specified in this document. A deployment indicates support for SAML V2.0 Web Browser SSO by including certain browser-facing SSO endpoints in metadata.
((What about SLO? Is a deployment required to support SLO? In any case, what endpoints in metadata are required and/or recommended?))
SP-Initiated SSO
Service Providers must support the direct generation of authentication request messages conforming to the SAML Authentication Request Protocol [SAML Core, 3.4].
...