I think "access credential" is better that either of those. Using "grant" as a noun is a somewhat obscure usage, a la "land grant", which I think of more as the deed to a property.
> -----Original Message----- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] > On Behalf Of Eran Hammer-Lahav > Sent: Saturday, July 10, 2010 8:04 PM > To: Brian Eaton; OAuth WG > Subject: Re: [OAUTH-WG] "access grant" terminology > > > > > On 7/10/10 7:46 PM, "Brian Eaton" <bea...@google.com> wrote: > > > The term "access grant" in the -09 spec is a bit odd. Normally > > "access grant" or "permission grant" would refer to a > specific policy > > decision made by a resource owner. > > > > But that's not how the -09 spec uses the term. The -09 > spec refers to > > authorization codes and assertions as "access grants". > Again, that's > > weird. Normally an assertion would be referred to as a > "credential", > > not a grant. > > Access grant is something that represents the decision made > by the resource owner. If the resource owner approves access, > it is represented by a authorization code. If the resource > owner shares its password, it is equivalent to unlimited access grant. > > I coined the term based on common language, not on any > existing terminology. > If there is a real conflict here, I am happy to consider > another term, but it doesn't sound like this is the case, or > that the term is used against its meaning. > > > I think the term "authorization credential" might be a > better fit than > > "access grant". > > > > It certainly describes the purpose of the authorization > code and the > > assertion. And the term "credential" is normally used to describe > > things that need to be verified and protected. > > I think authorization credential is going to confuse most > readers. The spec refers to credentials almost exclusively > when dealing with identifier and password (client, end-user), > or as a general term for client authentication. > Authorization is specific to the end-user authorization > endpoint and will be confusing when used with assertions and > other grant types. > > So I'm open to other ideas but not this one. > > Note that since this term impacts the name of the current 'grant_type' > parameter, changing it means code changes. > > If anyone has a last minute idea please share (or if you are > happy with the current grant type). I expect it to be > annoying to change once -10 is stable for 4 weeks. > > EHL > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
