[OpenID] ANN: OpenID Provider Authentication Policy Extension (PAPE) supported by Sxipper and OpenID4Java
Johnny Bufu
johnny at sxip.com
Wed Jun 27 19:33:21 UTC 2007
OpenID Provider Authentication Policy Extension [1] (PAPE) provides
means for Relying Parties to request previously agreed upon
authentication policies be applied by the OpenID Providers and for an
OpenID Providers to inform Relying Parties what authentication
policies were used.
Sxipper [2] is an OpenID Provider that performs authentication in a
phishing-resistant manner.
Using PAPE, this quality of the authentication is conveyed to Relying
Parties. All OpenID authentication responses issued by Sxipper are
asserting now the phishing-resistant policy defined in the PAPE
specification.
OpenID4Java [3] v0.9.3 supports the OpenID Provider Authentication
Policy Extension.
To demonstrate this, a PAPE-enabled Relying Party [4] is available
that can be configured to request any combination of the options
defined in the PAPE protocol extension.
[1] http://openid.net/specs/openid-provider-authentication-policy-
extension-1_0-01.html
[2] You can get Sxipper at: http://sxipper.com/
[3] OpenID4Java library lives here: http://code.google.com/p/
openid4java/
[4] A PAPE demo RP is available at: https://verify.sxip.com/papedemo/
--
Sxip Identity OpenID Team
More information about the general
mailing list