Re: [OAUTH-WG] Issue 15, new client registration

"Lu, Hui-Lan (Huilan)" <huilan.lu@alcatel-lucent.com> Fri, 22 July 2011 21:34 UTC

Return-Path: <huilan.lu@alcatel-lucent.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13A1F21F8B2D for <oauth@ietfa.amsl.com>; Fri, 22 Jul 2011 14:34:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u1uTBUyYq+gg for <oauth@ietfa.amsl.com>; Fri, 22 Jul 2011 14:33:59 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 0D1E321F8AFD for <oauth@ietf.org>; Fri, 22 Jul 2011 14:33:58 -0700 (PDT)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id p6MLXsOl019651 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 22 Jul 2011 16:33:55 -0500 (CDT)
Received: from USNAVSXCHHUB02.ndc.alcatel-lucent.com (usnavsxchhub02.ndc.alcatel-lucent.com [135.3.39.111]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id p6MLXsQD022062 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Fri, 22 Jul 2011 16:33:54 -0500
Received: from USNAVSXCHMBSB3.ndc.alcatel-lucent.com ([135.3.39.137]) by USNAVSXCHHUB02.ndc.alcatel-lucent.com ([135.3.39.111]) with mapi; Fri, 22 Jul 2011 16:33:54 -0500
From: "Lu, Hui-Lan (Huilan)" <huilan.lu@alcatel-lucent.com>
To: 'Eran Hammer-Lahav' <eran@hueniverse.com>, Torsten Lodderstedt <torsten@lodderstedt.net>, OAuth WG <oauth@ietf.org>
Date: Fri, 22 Jul 2011 16:33:53 -0500
Thread-Topic: [OAUTH-WG] Issue 15, new client registration
Thread-Index: AcxHH+CszluU+50IR3y21EPDB401mwBk4/6gAACdqSA=
Message-ID: <0E96A74B7DFCF844A9BE2A0BBE2C425F058E625BDB@USNAVSXCHMBSB3.ndc.alcatel-lucent.com>
References: <4E2740E9.5000209@lodderstedt.net> <4E274191.6020207@lodderstedt.net> <90C41DD21FB7C64BB94121FBBC2E72345021F377AA@P3PW5EX1MB01.EX1.SECURESERVER.NET>
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E72345021F377AA@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Subject: Re: [OAUTH-WG] Issue 15, new client registration
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2011 21:34:00 -0000

Would "protected" and "open" work? Protected clients have protected credentials, while open clients don't. 

Huilan

> -----Original Message-----
> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Eran
> Hammer-Lahav
> Sent: Friday, July 22, 2011 5:12 PM
> To: Torsten Lodderstedt; OAuth WG
> Subject: Re: [OAUTH-WG] Issue 15, new client registration
> 
> 
> 
> > -----Original Message-----
> > From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf
> > Of Torsten Lodderstedt
> > Sent: Wednesday, July 20, 2011 1:59 PM
> > To: OAuth WG
> > Subject: Re: [OAUTH-WG] Issue 15, new client registration
> >
> > 2.1 Client types
> >
> > I'm struggeling with the new terminology of "private" and "public"
> > clients. In my perception, the text just distinguishes clients which can be
> > authenticated and such which cannot. This is fine but I consider the wording
> > misleading. I would suggest to change it to something like trusted/untrusted
> > or authenticated/unauthenticated or Verifiable/Forgeable.
> 
> I'm open to changing the names.
> 
> I don't like trusted/untrusted because OAuth does not define trust. The
> authenticated/unauthenticated pair is also not ideal because the terms describe the
> outcome, not the nature of the client. As for verifiable/forgeable, I think these terms
> are too complicated for a casual reader.
> 
> My intention with public/private is to identify the nature of the client credentials. So a
> more verbose version would be 'public credentials/private credentials'. This also
> works with 'code' instead of 'credentials'.
> 
> It's clear from the past year of discussions that we need terminology to describe these
> two types.
> 
> Any other suggestions?
> 
> EHL
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth