9.1.2 Unsuccessful Direct Authentication Request Response
If a direct authentication request has not been accepted, following parameters and any relevant extension parameters are returned in the HTTP response body.
value : As specified in Section 4.1.2.
Value: A human-readable message indicating why the direct authentication request failed.
Value: Comma-separated list of signed fields.
Note: Since there is only one parameter, openid.artifact, it will be "artifact".
Value: Base 64 encoded signature calculated as specified in Section 6.
Value: A handle for an association between the Relying Party and the OP that SHOULD be used to sign the response.
In addition to the above, any extension parameters can be returned in the Artifact Response.