setting OPENID_PAPE_MAX_AUTH_AGE equal to zero doesn't force reauthentication

Taking a look at the code, in OpenIdAuth.setup_request, a max_age of 0 will fail the 'if any(...)' check when preferred_policies and preferred_level_types evaluate to False.
