Hi My1,
I think usernameless authentication should be possible, i.e. an assertion is generated by the client, which is only at the end of the ceremony gets to be associated with an actual user. That is in the end of the day the purpose of authentication, to tell who the user actually is. If you want to be conformant, and you also want to support this use-case then you should indeed allow empty usernames. If your question is rather how the conformance tool behaves with empty usernames (whether it sends them or not), I do not know that.
As for registration, empty usernames and displayNames do not make sense to me, since you need to associate the credential with an account at the server side. Although, I guess that could be done with cookies and with pre-authentication with another credential? But even in that case, the user is basically known..
Cheers, Daniel