Yeah, the latest draft is at http://openid.net/specs/openid-provider-authentication-policy-extension-1_0-05.html .
On Nov 25, 2008, at 2:21 AM, Martin Paljak wrote: > Right. I was lazy and google directed me to 1.0-02 as the first > response ... > > m. > On 25.11.2008, at 12:03, Nat wrote: > >> The proposal on the table has generalized NIST thing, I believe. >> >> As to the upstream hint is concerned, I think it is a good idea but >> it was out of scope of the current WG. It belongs to the future spec >> I guess. >> >> [EMAIL PROTECTED] via iPhone >> >> On 2008/11/25, at 18:10, Martin Paljak <[EMAIL PROTECTED]> wrote: >> >>> Hi. >>> >>> PAPE responses have the ability to send NIST levels used for >>> authentication. It would be useful to add these levels as >>> standardized >>> request policy URLs to the spec so that the RP could send hints on >>> wished authentication strength to the OP. >>> >>> BTW, why is there a specific nist_auth_level parameter which is >>> directly tied to one standards institute yet the 'core' of PAPE, >>> policies, don't really define anything except vague 'policies to be >>> specified elsewhere' ? >>> >>> >>> -- >>> Martin Paljak >>> http://martin.paljak.pri.ee >>> +372.515.6495 >>> >>> >>> >>> >>> _______________________________________________ >>> specs mailing list >>> specs@openid.net >>> http://openid.net/mailman/listinfo/specs > > -- > Martin Paljak > http://martin.paljak.pri.ee > +372.515.6495 > > > > > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs