Re: OpenID Assertion Quality Extension - Draft

2006-11-30 Thread George Fletcher
+1 simple and straight forward Just curious about uses cases where the required authentication level changes over time. For instance, a use case where to view my stock portfolio just requires password, but doing a trade requires voicebio. Is the expectation that authentication events can be

Re: [OpenID] OpenID Assertion Quality Extension - Draft

2006-11-30 Thread Paul Madsen
Hi George, for your use case below, why would not the RP just ask for the user to be up-authenticated at the desired higher level when necessary? Are you asking whether the RP should be allowed to ask the user to re-present their URI in order for this to happen? And thereby effectively

Re: [OpenID] OpenID Assertion Quality Extension - Draft

2006-11-30 Thread George Fletcher
Paul Madsen wrote: Hi George, for your use case below, why would not the RP just ask for the user to be up-authenticated at the desired higher level when necessary? So in the draft... how does the RP ask for the user to be "up-authenticated"? The authentication request parameters do not

RE: [OpenID] OpenID Assertion Quality Extension - Draft

2006-11-30 Thread Drummond Reed
Avery, Paul's the one to weigh in on this option - he wrote (and lived) the book on SAML AuthN Context. But I do like the looks of what you proposed - seems very elegant. =Drummond _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Avery Glasser Sent: Thursday,

Re: [OpenID] OpenID Assertion Quality Extension - Draft

2006-11-30 Thread George Fletcher
+1 Avery Glasser wrote: Actually, this could be pretty simple to implement: Replace openid.aqe.preferred_auth_mode with the following: openid.aqe.auth_factor1 Optional: The method of authentication the RP would like the OP to perform, or in the case of a multi-factor

Re: Mailing List etiquette question.

2006-11-30 Thread Scott Kveton
+1. Don't be shy to speak your mind. On 11/30/06 6:48 PM, Recordon, David [EMAIL PROTECTED] wrote: Hi Gavin, As being one that often floats proposals to the list, I'd encourage people to voice their opinions even if it is just agreeing with someone else. With silence it is hard to know