[Txauth] unsolicited feedback on naming

Wayne Chang <wyc@fastmail.fm> Thu, 28 May 2020 16:17 UTC

Return-Path: <wyc@fastmail.fm>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id EC8F13A1059 for <txauth@ietfa.amsl.com>; Thu, 28 May 2020 09:17:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmail.fm header.b=TKNq/hm2; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=Q8FMWJbo
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id SO1V5f3DBrfr for <txauth@ietfa.amsl.com>; Thu, 28 May 2020 09:17:22 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B48983A1055 for <txauth@ietf.org>; Thu, 28 May 2020 09:17:22 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id 79F685C00FE for <txauth@ietf.org>; Thu, 28 May 2020 12:17:20 -0400 (EDT)
Received: from imap2 ([]) by compute2.internal (MEProxy); Thu, 28 May 2020 12:17:20 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.fm; h= mime-version:message-id:date:from:to:subject:content-type; s= fm3; bh=1snDa/PYNjIXTnwk2TfS3OXkkfIhXFpzmvH0R84DJ+g=; b=TKNq/hm2 XmbPyN0MFc1Qk/dEXYfOfPIdNxnCzlxy4tWskPu/m0x+siEo6Ij2gBQFTUZsZh++ ANpwskEKvsKZUrHHMsut/9PpaEb3mVLK5hR+3hxJE32XJuNxdodzuMfc+nagraoW RtuUYQrPGgWQjDFEBYH3zeudLt6m35N1Z7Its2UWnC/Esd0sjymmk8xcAZN9w7yT rs4w1W1CW32rLnWF/4ElSlq2SQz3DGISf6QwpmetwPvhCel3lgj89ljuXUrLMzWA 6lzT+pd2f9rXESI78ndxkOnsph+MjpC03/pwUA9ipzRVdAeNdxLety0r799ft9Da cpu8tjrmpEn+DA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=1snDa/PYNjIXTnwk2TfS3OXkkfIhX FpzmvH0R84DJ+g=; b=Q8FMWJboVXsVpkpW/PjaTZJas0Wchea/x0icDrHUqSt5b 8zqauvzyviiQWiWJ5NWNoYiOZmzAQ6qf9+J0m5GKIeuE18yQXguxBRxLzw8IqqKE WSye+H9z/nLdphopqEx5aXvZWIOTMOQVlSp27wJz3xCoTIvnPwMvl8bliANWrO0z pkCsZlfAyv2C+1nBSjtLjkXCMn6mvb83ZY3WNoGynzV1dut9VvSycaZ74rDqARqW cpzTiCTkIuCiqbU4QVU12HAKRQZ1qGKKiCiZH9dUgF2Hiuap8O/v5lSWqPzeMgqb mtmLiQ73vL1XkxHqnJpVZ//b5fIIZOen0G8rW64QQ==
X-ME-Sender: <xms:EOTPXvvDgiyU5pOW9fk79nX0iyWQLYYUlJVORnvhIfFbaQKx0cUvRw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedruddviedgheduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfffhffvufgtsehttdertd erredtnecuhfhrohhmpedfhggrhihnvgcuvehhrghnghdfuceofiihtgesfhgrshhtmhgr ihhlrdhfmheqnecuggftrfgrthhtvghrnhepkefhueehtdeguefhhedvjeffudeghfetud evffduteeftdevteefvefgtdelffegnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr rghmpehmrghilhhfrhhomhepfiihtgesfhgrshhtmhgrihhlrdhfmh
X-ME-Proxy: <xmx:EOTPXgcQGw26DkCPM4mBrsD-NH6oyTlc0uM-eIyAUBk0UN5B9NVlfQ> <xmx:EOTPXix1wLQ_oqoC47iHugFYanymaYCbtAb_KlVGRI-Nfmbb_wmHYA> <xmx:EOTPXuPXqlDSiu8To52k2vDR_TlhicfbrSz4hRRdzGF1uwfzYWqm0A> <xmx:EOTPXtc9pmzw35r3LDxiVbidD2MmybxcscZMDqp8hcvXPVUhkxQVZQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id E6FCDE00A9; Thu, 28 May 2020 12:17:19 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-504-g204cd6f-fm-20200527.002-g204cd6f2
Mime-Version: 1.0
Message-Id: <4469e170-f313-42c0-a288-41bd8a1fa5d8@www.fastmail.com>
Date: Thu, 28 May 2020 12:16:57 -0400
From: "Wayne Chang" <wyc@fastmail.fm>
To: txauth@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/caFRKBAq4czPYmlnaRMiyZ8AeHY>
Subject: [Txauth] unsolicited feedback on naming
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2020 16:17:24 -0000

hi all, good to meet you. adding $0.02 on naming as an outsider, using good, bad, ugly descriptors:

        * AAuthZ    Alternative Authorization Protocol (AAuthZ)
ugly, tough to pronounce and looks like a typo of AuthZ

        * AZARP    AuthoriZed Access to Resources Protocol
ugly, initialism doesn't imply function

        * AZARAP    AuthoriZation And Resource Access Protocol
ugly, initialism doesn't imply function

        * BeBAuthZ    Back-end Based Authorization Protocol
bad, "back-end" is way too broad

        * BYOAuthZ    Build-Your-Own Authorization Protocol
bad, "BYO" means "bring your own" to me

        * CPAAP    Comprehensive Privileged Authentication Authorization Protocol
ugly, unclear how to pronounce, looks close to "CRAAP"

        * DAZARAP    Delegated AuthoriZation And Resource Access Protocol
ugly, initialism doesn't imply function

        * DIYAuthZ    Do-It-Yourself Authorization Protocol
bad, DIY implies amateurish and backyard

        * GNAP    Grant Negotiation and Authorization Protocol
bad, initialism doesn't imply function

        * GranPro    GRAnt Negotiation Protocol
ugly, .+pro or has hints of proprietary

        * IDPAuthZ    Intent Driven Protocol for Authorization
ugly, IdP already means identity provider to lots of folks

        * NIRAD    Negotiation of Intent Registration and Authority Delegation
bad, expansion is too wordy and intent registration is unclear to external stakeholders

        * PAuthZ    Protocol for Authorization
bad, initialism does not imply function

        * RefAuthZ    Refactored Authorization Protocol
bad, "Ref" means reference to lots of folks as in you're trying to define the gold standard

        * ReAuthZ    Reimagined Authorization Protocol
ugly, implies that you might authorize _again_

        * TIAAP    Tokenized Identity and Access Protocol
ugly, "tokenized" anything has charged meanings to technologists and non-technologists alike

        * TIDEAuth    Trust via Intent Driven Extension Auth
bad, i like "TIDEAuth" but Trust via Intent Driven Extension is just semantic soup

        * TIDYAuth    Trust via Intent Driven Yield Auth
bad, tidy implies small, driven yield means nothing to me

        * TIEAuth    Trust via Intent Extension Auth

        * TINOA   This Is Not OAuth

        * TXAuth    Testable eXtensible Authorization
good, except "Testable" doesn't sound like the main priority here?

        * TxAuth      Transmission of Authority

        * TXAuth      Truly eXtensible Authorization
good, not sure about "Truly" because we will no doubt encounter limits ourselves

        * XAuthZ    eXtensible authoriZation protocol
bad, best expanded form here, but XAuthZ is not aesthetic to me

is there a reason we didn't call it TXAuth/TxAuth and have it stand for Transaction Authorization? either of those would be my first choice. i understand that the name picking period is over.