etf.org]
>> On Behalf Of Eran Hammer-Lahav
>> Sent: Saturday, July 10, 2010 8:04 PM
>> To: Brian Eaton; OAuth WG
>> Subject: Re: [OAUTH-WG] "access grant" terminology
>>
>>
>>
>>
>> On 7/10/10 7:46 PM, "Brian Eaton" wrote:
&g
perty.
>
>> -Original Message-
>> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org]
>> On Behalf Of Eran Hammer-Lahav
>> Sent: Saturday, July 10, 2010 8:04 PM
>> To: Brian Eaton; OAuth WG
>> Subject: Re: [OAUTH-WG] "access grant"
un...@ietf.org]
> On Behalf Of Eran Hammer-Lahav
> Sent: Saturday, July 10, 2010 8:04 PM
> To: Brian Eaton; OAuth WG
> Subject: Re: [OAUTH-WG] "access grant" terminology
>
>
>
>
> On 7/10/10 7:46 PM, "Brian Eaton" wrote:
>
> > The term &qu
According to this logic, everyone should be called a credential - access token,
refresh token, authorization code, etc.
Having too many similar terms is confusing and a mistake I refuse to repeat.
As for the so called bugs, so far most of your feedback is non-normative or has
little implement
On Sat, Jul 10, 2010 at 8:03 PM, Eran Hammer-Lahav wrote:
> I think authorization credential is going to confuse most readers. The spec
> refers to credentials almost exclusively when dealing with identifier and
> password (client, end-user), or as a general term for client authentication.
> Autho
On 7/10/10 7:46 PM, "Brian Eaton" wrote:
> The term "access grant" in the -09 spec is a bit odd. Normally
> "access grant" or "permission grant" would refer to a specific policy
> decision made by a resource owner.
>
> But that's not how the -09 spec uses the term. The -09 spec refers to
>
The term "access grant" in the -09 spec is a bit odd. Normally
"access grant" or "permission grant" would refer to a specific policy
decision made by a resource owner.
But that's not how the -09 spec uses the term. The -09 spec refers to
authorization codes and assertions as "access grants". Ag
