Once more, LJ valid_to timespan.
Brad Fitzpatrick
brad at danga.com
Fri Jul 1 13:54:06 PDT 2005
On Fri, 1 Jul 2005, Nathan D. Bowen wrote:
> Carl Howells wrote:
>
> > So, it looks like the entire purpose of the issued and valid_to fields
> > was to give the ID server some way to specify when the user's login to
> > the consumer should expire.
>
> I thought the purpose of valid_to was to ensure that an identity
> response will not be used to *initiate* a log-in after the response
> reaches a certain age.
That was my impression too.
And even with AJAX mode, the server gets it within seconds, then binds it
to that user's existing consumer-side-based session. It doesn't even
matter how long the comment takes to write.
- Brad
More information about the yadis
mailing list