Also means from a Yadis file is easy for an IdP to advertise the extension or not.
--David -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Turner Sent: Monday, October 02, 2006 11:52 AM To: specs@openid.net Subject: Re: [PROPOSAL] authentication age On Sun, 2006-10-01 at 20:07 +0100, Martin Atkins wrote: [...] > then some/most IdPs just won't bother. [...] a completely uncheckable > assumption and is therefore broken by design. > > The best we can do is make it a MAY (that is, max_age is a > *suggestion* from the RP) and hope that most IdPs do the right thing; > we shouldn't write the spec in a way that misleads RP implementers > into thinking they've actually got any real control here. What he said. I'd suggest drafting this feature as an extension. I know that weakens it, but as Martin says, you can't count on it being there in any case, so I think an optional extension is a much more straightforward way of representing when this functionality is actually available. _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
