are examples normative? If not, is an errata necessary?
Are there any plans for another PAPE version?
paul
John Bradley wrote:
The normative text is correct.
It was always openid.pape.preferred_auth_level_types form Oct 2008
when it was added to draft 5.
The bad example crept in in Draft 6
I dont think this fits either PAPE or AX.
I cant see how the privacy characteristics of an identifier are part of
'authentication policy'. How the user authenticates to the OP is
(mostly) orthogonal to the nature of the identifier the OP asserts.
Nor does it fit the AX description of attribut
there are telco use cases where a family member, by dint only of
'subscriber authentication' to the IDP/OP, is able to access shared
resources (e.g. family calendar) at an SP/RP.
Unlike in Chris's academia case the OP/IDP is itself unable to
distinguish a particular user from amongst other gr
t
http://openid.net/mailman/listinfo/specs
--
Paul Madsen
e:paulmadsen @ ntt-at.com
p:613-482-0432
m:613-282-8647
web:connectid.blogspot.com
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
: 17/01/2009 5:50 PM
--
Paul Madsen
e:paulmadsen @ ntt-at.com
p:613-482-0432
m:613-282-8647
web:connectid.blogspot.com
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
nid.net/mailman/listinfo/specs
No virus found in this incoming message.
Checked by AVG.
Version: 7.5.552 / Virus Database: 270.9.19/1853 - Release Date: 17/12/2008 8:31 AM
--
Paul Madsen
e:paulmadsen @ ntt-at.com
p:613-482-0432
m:613-282-8647
web:connectid.blogspot.com
__
there would appear to be an opportunity here for some drop-dead simple
cross-protocol harmonization by the larger community agreeing on the
definition of these sort of privacy policy identifiers by which a
requestor indicates its privacy commitments and the authority any
obligations.
Define th
Dirk, typo in Sec 6
The Combined Provider SHOULD in addition obtain, from the Combined
Provider, a list .
paul
Dirk Balfanz wrote:
Ok, new spec is up: http://step2.googlecode.com/svn/spec/openid_oauth_extension/drafts/0/openid_oauth_extension.html
Dirk.
On Mon, Nov 17, 2008 at 5:
Hi Mike, if there were an official line numbered version, it would
enable people providing comments against specific lines
Or is there another preferred mechanism for feedback?
Thanks
Paul
Mike Jones wrote:
The OpenID Provider Authentication Policy
Extension (PAPE)
Working G
__
> specs mailing list
> specs@openid.net
> http://openid.net/mailman/listinfo/specs
>
>
>
> No virus found in this incoming message.
> Checked by AVG.
&g
vider.appspot.com
>> <http://openid-provider.appspot.com/> would not match.
>>
>> Would get very confusing apart from advanced users that
>> understand the distinction.
>>
>> Immad
>>
>>
>> On Wed, Apr 9, 2
--
>
> No virus found in this incoming message.
> Checked by AVG.
> Version: 7.5.519 / Virus Database: 269.22.9/1365 - Release Date: 4/8/2008
> 7:30 AM
>
--
Paul Madsene:paulmadsen @ ntt-at.com
NTT
ssee and may contain proprietary,
> confidential and/or privileged information. If you are not the intended
> recipient, any use, copying, disclosure, dissemination or distribution is
> strictly prohibited. If you are not the intended recipient, please notify
> the sender immediately by return e-mail, delete this communication and
> de
thenticate the
presenter unless the constraints of IsPassive can be met
David Recordon wrote:
> Hey Paul,
> How do you guys define "passive". Seems like the opposite problem of
> defining "active".
>
> Thanks,
> --David
>
> On Oct 22, 2007, at 3:1
ptable
>> for most of the OPs/RPs (and tie auth_age to it), leaving the
>> possibility open for anyone to define other similar policies.
>>
>> This could be a bit tricky to specify if there's another parameter
>> involved, but we should be able to come u
itial Workshop (done):
http://www.enisa.europa.eu/pages/authentication/auth_ws.htm
Action Plan:
http://www.enisa.europa.eu/doc/pdf/other/authentication_action_plan.pdf
paul
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
sorry, trying to straddle worlds/terminology
OpenID SAML
RP == SP (Service Provider)
OP == IDP (Identity Provider)
Josh Hoyt wrote:
> On 2/1/07, Paul Madsen <[EMAIL PROTECTED]> wrote:
>> Hi Josh, do I understand correctly that
--
>
> I believe that this one piece of information would be required more
> often than not, given the phishing implications. The prominence of
> being in the core specification makes it harder to ignore the phishing
> problem.
>
>
_
> specs mailing list
> specs@openid.net
> http://openid.net/mailman/listinfo/specs
>
>
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.409 / Virus Database: 268.15.15/581 - Release Date: 12/9/200
12.2. Informative References
[OASIS.saml-glossary-2.0-os] Hodges, J.
<mailto:[EMAIL PROTECTED]>, Philpott, R.
<mailto:[EMAIL PROTECTED]>, and E. Maler
<mailto:[EMAIL PROTECTED]>, “Glossary for the Security Assertion
Markup Language (SAML) V2.0
<http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf
y read
>>
>> "If this is not specified, it is assumed that the RP is requesting
>> only a single factor for authentication (if openid.aqe.auth_factor2
>> is specified ) or not requesting a particular authentication method"
>>
>
> Agreed.
>
&g
probably read
"If this is not specified, it is assumed that the RP is requesting only
a single factor for authentication (if openid.aqe.auth_factor2 is
specified ) or not requesting a particular authentication method"
paul
Avery Glasser wrote:
> Just to weigh in here...
>
&
event?
> For example, administrators of a site must use both "password" and
> "hardotp". Everyone else just needs "password".
>
> Thanks,
> George
>
>
> _______
> general mailing list
&g
23 matches
Mail list logo