Also means from a Yadis file is easy for an IdP to advertise the
extension or not.


-----Original Message-----
Behalf Of Kevin Turner
Sent: Monday, October 02, 2006 11:52 AM
Subject: Re: [PROPOSAL] authentication age

On Sun, 2006-10-01 at 20:07 +0100, Martin Atkins wrote:
> then some/most IdPs just won't bother. [...] a completely uncheckable 
> assumption and is therefore broken by design.
> The best we can do is make it a MAY (that is, max_age is a 
> *suggestion* from the RP) and hope that most IdPs do the right thing; 
> we shouldn't write the spec in a way that misleads RP implementers 
> into thinking they've actually got any real control here.

What he said.

I'd suggest drafting this feature as an extension.  I know that weakens
it, but as Martin says, you can't count on it being there in any case,
so I think an optional extension is a much more straightforward way of
representing when this functionality is actually available.

specs mailing list

specs mailing list

Reply via email to