<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Jonathan and Martin, thanks a lot for clearing this. I wasn't aware
that there is already a second draft (should look more carefully next
time ;-) ).<br>
<br>
Now, since there isn't a way to differentiate between drafts (i.e. the
policy URL is <a class="moz-txt-link-freetext" href="http://specs.openid.net/extensions/pape/1.0">http://specs.openid.net/extensions/pape/1.0</a> until the
final), what is the best suggestion for implementation? Going for draft
1 or 2? Most likely RPs will not understand one or the other...<br>
<br>
BTW, what's the time frame for the final version? Any estimates?<br>
<br>
Martin Paljak wrote:
<blockquote
cite="mid:5A573764-304F-4264-82FB-3E4710623889@paljak.pri.ee"
type="cite"><br>
On Feb 2, 2008, at 6:46 PM, Eddy Nigg (StartCom Ltd.) wrote:
<br>
<br>
<blockquote type="cite">Can somebody confirm that sending
pape.max_auth_age is wrong and it should be pape.auth_time instead?
<br>
</blockquote>
max_auth_age should be the time in seconds from last authentication in
the PAPE *request*.
<br>
<br>
AFAIK Draft 1 had auth_time as 'seconds passed from last
authentication', Draft 2 has auth_time as 'the timestamp of the last
authentication'
<br>
<br>
<br>
m.
<br>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, <a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>Jabber: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Phone: </td>
<td>+1.213.341.0390</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
</body>
</html>