Want to insist on a recent login

Martin Atkins mart at degeneration.co.uk
Mon Jul 18 12:05:32 PDT 2005


Dave Hinton wrote:
> Perhaps some Server’s don’t want to keep track of when the End User last
> entered their password; maybe they should be able to tell the Consumer
> web site “No, and I don’t keep this information” so that the Consumer
> can tell the End User they can’t log in using that Identity.

As soon as your site starts discriminating against ID servers that do
the right thing and say "no, I don't track that" the ID servers will
start lying and say "sure thing!"

An ID server isn't going to help you make its competitors look more
attractive.



More information about the yadis mailing list