<div class="gmail_quote">On Sun, Jan 18, 2009 at 10:41 PM, Paul Madsen <span dir="ltr"><<a href="mailto:paulmadsen@rogers.com">paulmadsen@rogers.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">
Hi David, your extension is an authentication policy declaration from
the user to the RP.<br>
<br>
PAPE allows the RP to declare its authentication policy to the OP (and
vice versa).<br>
<br>
I wonder if there is an opportunity for convergence? <br>
</div></blockquote><div><br>I'm open to anything, although PAPE is more of an Auth extension, whereas MultiAuth (at least in its present form) is more of a Discovery extension. If the community sees value in something like this, I think a better place for it would be inside of OpenID Auth Discovery 2.1.<br>
<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div bgcolor="#ffffff" text="#000000"><br>
Or at minimum a naming scheme that hilites the commonality ...... UAPE
:-)<br>
</div></blockquote><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div bgcolor="#ffffff" text="#000000"><br>
paul<br>
<br>
David Fuelling wrote:
<blockquote type="cite"><div><div></div><div class="Wj3C7c">For anyone interested, I've put out a 2nd draft of my
OP-MultiAuth idea. I think the first draft was pretty confusing, so
hopefully this clarifies things a bit more.<br>
<br>
Wiki Page: <a href="http://wiki.openid.net/OP-MultiAuth" target="_blank">http://wiki.openid.net/OP-MultiAuth</a><br>
Actual Draft: <a href="http://wiki.openid.net/f/openid-provider-multiauth-extension-1_0-2.html" target="_blank">http://wiki.openid.net/f/openid-provider-multiauth-extension-1_0-2.html</a><br>
<br>
In a nutshell, the idea here is to protect end-users against a "rogue
OP" by providing a mechanism for a Claimed Identifier to mandate that
an RP get valid auth assertions from two or more different OP's before
giving access to RP-protected resources.<br>
<br>
Thanks!<br>
<br>
David<br>
</div></div><pre><hr size="4" width="90%">
_______________________________________________
specs mailing list
<a href="mailto:specs@openid.net" target="_blank">specs@openid.net</a>
<a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a>
</pre>
<pre><hr size="4" width="90%">
No virus found in this incoming message.
Checked by AVG.
Version: 7.5.552 / Virus Database: 270.10.8/1899 - Release Date: 17/01/2009 5:50 PM
</pre>
</blockquote>
</div></blockquote></div><br>