3.2.4.1 GetFsTrustInformation

The GetFsTrustInformation exchange MUST consist of a single request message and a single response message. The exchange MUST be initiated by the client with a request message to the server.

As described in section 3.1.1.1, the client emits a GetFsTrustInformation request when the client needs the data described in section 3.1.1.1 to verify the security tokens issued by the server. Thus, a GetFsTrustInformation request MAY be triggered by the receipt of a security token from the server. Implementations MAY choose to improve the performance of security token verification by emitting a GetFsTrustInformation request and caching the data from the response prior to receiving a security token from the server.<2>

The following sections describe the client processing for the request and response messages.