[OpenID] Building on the OpenID PAPE specification
Paul Madsen
paulmadsen at rogers.com
Mon Oct 6 22:25:57 UTC 2008
Hi Brian, do you have any thoughts on how PAPE-AM will, or wont, be
compatible with the (as I understand the current situation) the soon to
be standard PAPE
My company is facing some use cases that imply reconciling or mapping
SAML Authentication Context and PAPE, so Im concerned about a split here
thanks
paul
Brian Kelly wrote:
> A few months ago, some members from the OATH community and I got
> together to take a fresh look at the PAPE spec, what it was trying to
> accomplish, and how well it could be implemented. We started holding
> semi-weekly conference calls and over the period of a couple months we
> drafted up a slightly new take on PAPE.
>
> The main difference is that we defined a specific set of
> authentication methods, rather than only using high-level policies.
> After long discussions we found that there was too much ambiguity in
> the high-level policies as defined today in PAPE. We created a draft
> of our modified specification, termed PAPE-Authentication Mechanisms
> (PAPE-AM), and we are beginning to socialize the concepts in that draft.
>
> I published a blog post summarizing our motivations, and wanted to
> share it with the greater OpenID mailing list.
>
> http://openidtrustbearer.wordpress.com/2008/10/06/building-on-the-openid-pape-specification/
>
> I would appreciate hearing the thoughts of the readers on this mailing
> list. Please respond publicly, or feel free to contact me directly.
>
> Thank you,
> Brian
>
> --
> Brian Kelly
> TrustBearer Labs
> http://trustbearer.com
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com
More information about the general
mailing list