Clarification needed in PAPE spec
Allen Tom
atom at yahoo-inc.com
Wed Jun 17 17:07:40 UTC 2009
Another ambiguous parameter is the openid.pape.preferred_auth_policies
request parameter in section 5.1.
The first sentence in Section 5.1 says that all the request parameters
are mandatory (MUST be included), however the description
openid.pape.preferred_auth_policies says that zero policies can be
specified. Is there a special value for "zero policy"? Or should the
parameter be omitted if the no policy is requested?
http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html#anchor8
Thanks
Allen
More information about the specs
mailing list