[OpenID] pape.auth_time versus pape.auth_age
Martin Paljak
martin at paljak.pri.ee
Sat Feb 2 17:51:50 UTC 2008
On Feb 2, 2008, at 6:46 PM, Eddy Nigg (StartCom Ltd.) wrote:
> Can somebody confirm that sending pape.max_auth_age is wrong and it
> should be pape.auth_time instead?
max_auth_age should be the time in seconds from last authentication in
the PAPE *request*.
AFAIK Draft 1 had auth_time as 'seconds passed from last
authentication', Draft 2 has auth_time as 'the timestamp of the last
authentication'
m.
--
Martin Paljak
http://martin.paljak.pri.ee
+3725156495
More information about the general
mailing list