For a relying party to verify information from an IP/STS, it must have the key material necessary to verify the digital signature on the message being communicated. The details of IP/STS configuration are vendor-specific.
The appropriate trusts must be in place to allow security tokens issued by the requestor IP/STS to be trusted by the resource IP/STS, and those issued by the resource IP/STS to be trusted by the WS resource. The trusts establishment methods are not addressed in this specification.
The web browser requestor is assumed to have knowledge of the URLs that correspond to WS resources that are protected using this protocol. The communication method of this information is not addressed in this specification.