[OpenID] pape.auth_time versus pape.auth_age
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Sat Feb 2 18:45:43 UTC 2008
Jonathan and Martin, thanks a lot for clearing this. I wasn't aware that
there is already a second draft (should look more carefully next time
;-) ).
Now, since there isn't a way to differentiate between drafts (i.e. the
policy URL is http://specs.openid.net/extensions/pape/1.0 until the
final), what is the best suggestion for implementation? Going for draft
1 or 2? Most likely RPs will not understand one or the other...
BTW, what's the time frame for the final version? Any estimates?
Martin Paljak wrote:
>
> On Feb 2, 2008, at 6:46 PM, Eddy Nigg (StartCom Ltd.) wrote:
>
>> Can somebody confirm that sending pape.max_auth_age is wrong and it
>> should be pape.auth_time instead?
> max_auth_age should be the time in seconds from last authentication in
> the PAPE *request*.
>
> AFAIK Draft 1 had auth_time as 'seconds passed from last
> authentication', Draft 2 has auth_time as 'the timestamp of the last
> authentication'
>
>
> m.
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20080202/8899b99d/attachment-0001.htm>
More information about the specs
mailing list