Hi.
PAPE responses have the ability to send NIST levels used for
authentication. It would be useful to add these levels as standardized
request policy URLs to the spec so that the RP could send hints on
wished authentication strength to the OP.
BTW, why is there a specific nist_auth_level
Right. I was lazy and google directed me to 1.0-02 as the first
response ...
m.
On 25.11.2008, at 12:03, Nat wrote:
The proposal on the table has generalized NIST thing, I believe.
As to the upstream hint is concerned, I think it is a good idea but
it was out of scope of the current WG.
The proposal on the table has generalized NIST thing, I believe.
As to the upstream hint is concerned, I think it is a good idea but it
was out of scope of the current WG. It belongs to the future spec I
guess.
[EMAIL PROTECTED] via iPhone
On 2008/11/25, at 18:10, Martin Paljak [EMAIL
Yeah, the latest draft is at
http://openid.net/specs/openid-provider-authentication-policy-extension-1_0-05.html
.
On Nov 25, 2008, at 2:21 AM, Martin Paljak wrote:
Right. I was lazy and google directed me to 1.0-02 as the first
response ...
m.
On 25.11.2008, at 12:03, Nat wrote:
The
