> -----Original Message----- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Torsten Lodderstedt > Sent: Wednesday, July 20, 2011 1:59 PM > To: OAuth WG > Subject: Re: [OAUTH-WG] Issue 15, new client registration > > 2.1 Client types > > I'm struggeling with the new terminology of "private" and "public" > clients. In my perception, the text just distinguishes clients which can be > authenticated and such which cannot. This is fine but I consider the wording > misleading. I would suggest to change it to something like trusted/untrusted > or authenticated/unauthenticated or Verifiable/Forgeable.
I'm open to changing the names. I don't like trusted/untrusted because OAuth does not define trust. The authenticated/unauthenticated pair is also not ideal because the terms describe the outcome, not the nature of the client. As for verifiable/forgeable, I think these terms are too complicated for a casual reader. My intention with public/private is to identify the nature of the client credentials. So a more verbose version would be 'public credentials/private credentials'. This also works with 'code' instead of 'credentials'. It's clear from the past year of discussions that we need terminology to describe these two types. Any other suggestions? EHL _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
