[security] PAPE Policy for RPs to force authentication without browser cookie
SitG Admin
sysadmin at shadowsinthegarden.com
Thu Jul 2 21:10:10 UTC 2009
>A real world example is that a user can claim to have been offline
>during a certain time, however the user silently signed into their
>OP to check mail, without signing out. A couple days later, the user
>then uses their OpenID, and the fact that the user signed in at a
>certain time (when the user claimed to be offline) will be disclosed
>to the RP.
To complicate this scenario, the user might share their OP with
someone else at home. Even if the OP were capable of modeling their
relationship, the user might not care to make it known to the OP - or
anyone else, really. If the user is satisfied that others who have
access to the OP/password respect privacy appropriately, using only
the services they need, the user's claim to have been offline during
that time would be true, regardless of what the OP's records
remembered.
-Shade
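As an added illustration of the disclosure both messages above are talking about (this is example code written for this page, not anything from the OpenID specs or from either poster), the model below simulates the PAPE fields involved: the RP sends openid.pape.max_auth_age, and the OP answers with openid.pape.auth_time. With max_auth_age=0 the OP re-authenticates and returns the time of that fresh login; with no max_auth_age, or one large enough to cover the earlier session, the auth_time the OP can report is the time of the earlier silent sign-in, which is exactly the timestamp the user did not want the RP to learn. The request/response dicts, the helper names and the login times are all constructed for the example; the OP's policy of including auth_time when the RP did not ask for it is an assumption (the spec makes it optional in that case).

```python
from datetime import datetime, timedelta, timezone

PAPE_NS = "http://specs.openid.net/extensions/pape/1.0"


def pape_auth_time(dt):
    """Format an aware datetime as a PAPE auth_time value (ISO 8601 UTC, 'Z')."""
    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def rp_build_request(max_auth_age=None):
    """RP side: the PAPE parameters an RP would add to its checkid_setup request.
    max_auth_age=None means the RP does not ask for fresh authentication;
    0 asks the OP to always re-authenticate (the "force auth" case)."""
    req = {"openid.ns.pape": PAPE_NS}
    if max_auth_age is not None:
        req["openid.pape.max_auth_age"] = str(int(max_auth_age))
    return req


def op_handle_request(request, last_active_auth, now, reauthenticate,
                      always_report_auth_time=True):
    """OP side (simplified model, constructed for this example).
    last_active_auth: when the user last actively logged in to the OP
                      (e.g. the silent mail-check login from the thread).
    now:              time the RP's request arrives at the OP.
    reauthenticate:   callable that performs a fresh login and returns its time.
    always_report_auth_time: assumption that this OP includes auth_time even
                      when the RP did not send max_auth_age (the spec only
                      requires it when max_auth_age was requested).
    Returns (response_fields, auth_time_used)."""
    max_age = request.get("openid.pape.max_auth_age")
    auth_time = last_active_auth
    if max_age is not None:
        max_age = int(max_age)
        # 0 means always re-authenticate; otherwise re-authenticate only if
        # the last active login is older than the RP tolerates.
        if max_age == 0 or now - last_active_auth > timedelta(seconds=max_age):
            auth_time = reauthenticate()
    resp = {"openid.ns.pape": PAPE_NS}
    if max_age is not None or always_report_auth_time:
        resp["openid.pape.auth_time"] = pape_auth_time(auth_time)
    return resp, auth_time


def disclosed_login_time(request, last_active_auth, now):
    """Convenience wrapper: what auth_time string the RP ends up seeing,
    or None if the OP sent none. A fresh login is modelled as happening at `now`."""
    resp, _ = op_handle_request(request, last_active_auth, now, lambda: now)
    return resp.get("openid.pape.auth_time")


# Constructed scenario from the thread: the user "silently" signs in to the OP
# to check mail at 02:00 UTC on a day they later claim to have been offline,
# then uses their OpenID at an RP about two and a half days later.
SILENT_LOGIN = datetime(2009, 6, 29, 2, 0, tzinfo=timezone.utc)
RP_VISIT = datetime(2009, 7, 1, 15, 30, tzinfo=timezone.utc)

if __name__ == "__main__":
    plain = rp_build_request()                 # RP does not force auth
    forced = rp_build_request(max_auth_age=0)  # RP forces a fresh login
    print("no max_auth_age  ->", disclosed_login_time(plain, SILENT_LOGIN, RP_VISIT))
    print("max_auth_age=0   ->", disclosed_login_time(forced, SILENT_LOGIN, RP_VISIT))
```

The first line of the demo shows the RP learning the 02:00 sign-in from a session the user never explicitly ended; the second shows that when the RP asks for max_auth_age=0 the only timestamp it receives is that of the login it just forced, so the earlier session time stays inside the OP. Nothing in the model, of course, tells the OP who at the household was actually at the keyboard at 02:00, which is the point of the reply above.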