The parameter must be included but may have zero URI.

I remember discussing if it should be optional, but can't off hand remember the logic in including it with zero URI.
Perhaps one of my learned colleagues remembers.

John B.

On 17-Jun-09, at 1:07 PM, Allen Tom wrote:

Another ambiguous parameter is the openid.pape.preferred_auth_policies request parameter in section 5.1.

The first sentence in Section 5.1 says that all the request parameters are mandatory (MUST be included), however the description openid.pape.preferred_auth_policies says that zero policies can be specified. Is there a special value for "zero policy"? Or should the parameter be omitted if the no policy is requested?

http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html#anchor8

Thanks

Allen

_______________________________________________
specs-pape mailing list
specs-p...@openid.net
http://openid.net/mailman/listinfo/specs-pape


_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to