An example of a real profile that people are certified against is: http://idmanagement.gov/documents/ICAM_OpenID20Profile.pdf
John B. On 2010-08-16, at 8:40 AM, Paul Madsen wrote: > and wrt the 'standards' for what goes in the PAPE extension, look at > > http://openidentityexchange.org/ and > > http://kantarainitiative.org/confluence/display/certification/Identity+Assurance+Certification+Program > > On 16/08/2010 2:22 AM, David Recordon wrote: >> Hey Dennis, take a look at the Provider Authentication Policy Exchange >> extension as it's meant to provide some of this sort of information. >> It is a bit more abstract then what you're describing, but has been >> used successfully for similar needs >> >> >> http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html >> >> >> --David >> >> >> On Sun, Aug 15, 2010 at 10:08 PM, Dennis Gearon >> <[email protected]> >> wrote: >> >>> I would like to hear some small discussion on an idea/request that I have >>> for the openID spec. >>> >>> When validating with an openID source/server (not uup to speed on >>> architecture of openID yet), part of what gets returned is the following >>> data: >>> >>> A/ A standardized authentication-difficulty rating from the site validating >>> the user. I.E., If my password at yahoo is only 6 characters long, and >>> Yahoo accepts it, yahoo still runs an openID lib procedure against the >>> password when it's created and some standard values get returned, i.e.: >>> >>> weak >>> OK >>> strong >>> exceptional. >>> >>> B/ A second field saying whether multiple tokens were used, such as: >>> >>> one time pad rotating code key fobs >>> password and drop of blood >>> password and handprint >>> et. al. >>> >>> OR, it could send a value saying it meets certain standards out there, if >>> there are any. Maybe setting standards would be a good idea!!! I bet the >>> military has some. Apparently, congressmen and others aren't required to >>> use them on their email/social site accounts ;-) >>> >>> >>> >>> >>> Dennis Gearon >>> >>> Signature Warning >>> ---------------- >>> EARTH has a Right To Life, >>> otherwise we all die. >>> >>> Read 'Hot, Flat, and Crowded' >>> Laugh at >>> http://www.yert.com/film.php >>> >>> >>> _______________________________________________ >>> specs mailing list >>> >>> [email protected] >>> http://lists.openid.net/mailman/listinfo/openid-specs >>> >>> >>> >> _______________________________________________ >> specs mailing list >> >> [email protected] >> http://lists.openid.net/mailman/listinfo/openid-specs >> >> >> No virus found in this incoming message. >> Checked by AVG - >> www.avg.com >> >> Version: 9.0.851 / Virus Database: 271.1.1/3074 - Release Date: 08/15/10 >> 14:35:00 >> >> > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
