valid_from / valid_to

Paul Crowley paul at
Wed Jun 8 12:45:14 PDT 2005

Brad Fitzpatrick wrote:
> # openid.valid_from = UTC date
> # openid.valid_to = UTC date
> What are those in the spec?

They define the validity period of the auth token according to the 
server clock.  The consumer should make the user re-authenticate when 
the token expires.  valid_from should be the creation date.

defines how the consumer should conservatively track the server clock in 
ordre to interpret this expiry date.

More information about the yadis mailing list