On 23-Oct-07, at 2:58 PM, David Recordon wrote:
> Cool, committed.
Great, thanks!
> We ready to publish Draft 2?
Yes; the only outstanding issue (from my point of view, which I
suppose will have to wait for draft 3), is clarifying 'active
authentication' means.
Johnny
__
Cool, committed.
http://svn.openid.net/diff.php?repname=specifications&path=%
2Fprovider_authentication_policy_extension%2F1.0%2Ftrunk%2Fopenid-
provider-authentication-policy-extension-1_0.xml&rev=378&sc=1
We ready to publish Draft 2?
--David
On Oct 23, 2007, at 2:46 PM, Barry Ferg wrote:
>
I see both sides of this. At the end of the day the RP is ultimately
making the decision as to if the user can proceed or not. Just as in
SREG if the RP says email is required and the user/OP choose not to
provide it, the RP still has to decide what to do.
I do agree that it is easier on a
+ [...] For example it is recommended that if the OP
+specified the Multi-Factor Physical Authentication policy
and the RP
+requested the Multi-Factor Authentication policy, that the RP's
+requirements were met.
This puts undue requirements on the RP implementati
Hey Johnny and Jonathan,
Just checked in some clarifications, review would be appreciated.
http://openid.net/pipermail/commits/2007-October/000381.html
Thanks,
--David
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs