Approval feels like something temporary that happens in a specific moment, 
unlike grant or credential which are 'issued'.

EHL


On 7/12/10 6:39 AM, "Eve Maler" <e...@xmlgrrl.com> wrote:

How about "approval", as in delegation approval or association approval (since 
the resource owner is approving or consenting to the association of these two 
services on the owner's behalf for delegated access purposes, with specific 
tokens later representing specific access authorizations)?

        Eve

On 11 Jul 2010, at 10:26 PM, William Mills wrote:

> I think "access credential" is  better that either of those.  Using
> "grant" as a noun is a somewhat obscure usage, a la "land grant", which
> I think of more as the deed to a property.
>
>> -----Original Message-----
>> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org]
>> On Behalf Of Eran Hammer-Lahav
>> Sent: Saturday, July 10, 2010 8:04 PM
>> To: Brian Eaton; OAuth WG
>> Subject: Re: [OAUTH-WG] "access grant" terminology
>>
>>
>>
>>
>> On 7/10/10 7:46 PM, "Brian Eaton" <bea...@google.com> wrote:
>>
>>> The term "access grant" in the -09 spec is a bit odd.  Normally
>>> "access grant" or "permission grant" would refer to a
>> specific policy
>>> decision made by a resource owner.
>>>
>>> But that's not how the -09 spec uses the term.  The -09
>> spec refers to
>>> authorization codes and assertions as "access grants".
>> Again, that's
>>> weird.  Normally an assertion would be referred to as a
>> "credential",
>>> not a grant.
>>
>> Access grant is something that represents the decision made
>> by the resource owner. If the resource owner approves access,
>> it is represented by a authorization code. If the resource
>> owner shares its password, it is equivalent to unlimited access grant.
>>
>> I coined the term based on common language, not on any
>> existing terminology.
>> If there is a real conflict here, I am happy to consider
>> another term, but it doesn't sound like this is the case, or
>> that the term is used against its meaning.
>>
>>> I think the term "authorization credential" might be a
>> better fit than
>>> "access grant".
>>>
>>> It certainly describes the purpose of the authorization
>> code and the
>>> assertion.  And the term "credential" is normally used to describe
>>> things that need to be verified and protected.
>>
>> I think authorization credential is going to confuse most
>> readers. The spec refers to credentials almost exclusively
>> when dealing with identifier and password (client, end-user),
>> or as a general term for client authentication.
>> Authorization is specific to the end-user authorization
>> endpoint and will be confusing when used with assertions and
>> other grant types.
>>
>> So I'm open to other ideas but not this one.
>>
>> Note that since this term impacts the name of the current 'grant_type'
>> parameter, changing it means code changes.
>>
>> If anyone has a last minute idea please share (or if you are
>> happy with the current grant type). I expect it to be
>> annoying to change once -10 is stable for 4 weeks.
>>
>> EHL
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


Eve Maler
http://www.xmlgrrl.com/blog
http://www.twitter.com/xmlgrrl
http://www.linkedin.com/in/evemaler

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to