How about "approval", as in delegation approval or association approval (since
the resource owner is approving or consenting to the association of these two
services on the owner's behalf for delegated access purposes, with specific
tokens later representing specific access authorizations)?
Eve
On 11 Jul 2010, at 10:26 PM, William Mills wrote:
> I think "access credential" is better that either of those. Using
> "grant" as a noun is a somewhat obscure usage, a la "land grant", which
> I think of more as the deed to a property.
>
>> -----Original Message-----
>> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org]
>> On Behalf Of Eran Hammer-Lahav
>> Sent: Saturday, July 10, 2010 8:04 PM
>> To: Brian Eaton; OAuth WG
>> Subject: Re: [OAUTH-WG] "access grant" terminology
>>
>>
>>
>>
>> On 7/10/10 7:46 PM, "Brian Eaton" <bea...@google.com> wrote:
>>
>>> The term "access grant" in the -09 spec is a bit odd. Normally
>>> "access grant" or "permission grant" would refer to a
>> specific policy
>>> decision made by a resource owner.
>>>
>>> But that's not how the -09 spec uses the term. The -09
>> spec refers to
>>> authorization codes and assertions as "access grants".
>> Again, that's
>>> weird. Normally an assertion would be referred to as a
>> "credential",
>>> not a grant.
>>
>> Access grant is something that represents the decision made
>> by the resource owner. If the resource owner approves access,
>> it is represented by a authorization code. If the resource
>> owner shares its password, it is equivalent to unlimited access grant.
>>
>> I coined the term based on common language, not on any
>> existing terminology.
>> If there is a real conflict here, I am happy to consider
>> another term, but it doesn't sound like this is the case, or
>> that the term is used against its meaning.
>>
>>> I think the term "authorization credential" might be a
>> better fit than
>>> "access grant".
>>>
>>> It certainly describes the purpose of the authorization
>> code and the
>>> assertion. And the term "credential" is normally used to describe
>>> things that need to be verified and protected.
>>
>> I think authorization credential is going to confuse most
>> readers. The spec refers to credentials almost exclusively
>> when dealing with identifier and password (client, end-user),
>> or as a general term for client authentication.
>> Authorization is specific to the end-user authorization
>> endpoint and will be confusing when used with assertions and
>> other grant types.
>>
>> So I'm open to other ideas but not this one.
>>
>> Note that since this term impacts the name of the current 'grant_type'
>> parameter, changing it means code changes.
>>
>> If anyone has a last minute idea please share (or if you are
>> happy with the current grant type). I expect it to be
>> annoying to change once -10 is stable for 4 weeks.
>>
>> EHL
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
Eve Maler
http://www.xmlgrrl.com/blog
http://www.twitter.com/xmlgrrl
http://www.linkedin.com/in/evemaler
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
