...
Ensure Server Certificates are Valid:
Generate and use transport, signing and encryption certificates on the Trust Framework; rotating them at least once every 12 months (certificate expiration is set at 13 months).
Ensure Published APIs are Valid and Certified:
Publish the API endpoints and ensure the correct version is available before any defined ecosystem go-live date.
Ensure server metadata is always up to date, including server logo, server description and customer-facing name.
Integrate with Directory for Onboarding:
Integrate with the Trust Framework registration endpoints, ensuring all clients registered are onboarded and validated following the ecosystem registration framework.
Integrate Authentication:
Integrate with the Trust Framework JWKS endpoints, recovering client public keys when validating message signatures and executing message encryption.
Integrate with the Directory OCSP/CRL services, verifying that used certificates are valid and up-to-date.
...