The agent is a overused term and we still need to differentiate between the service provider and the service aggregator.
What about service originator, service provider/cloud provider/service aggregator and service consumer ? Or some version of it. Then we can talk about SO Key or SP key or SC key and other artifacts thereof. Cheers <k/> |-----Original Message----- |From: [email protected] [mailto:[email protected]] On Behalf |Of Eran Hammer-Lahav |Sent: Monday, March 02, 2009 5:46 PM |To: [email protected] |Subject: [oauth] Re: OAuth FAIL | | |I would like to change the entire Service Provider and Consumer terms. |Just |use Server, Client, and User-Agent... | |Yes, Consumer Key is AWEFUL! I think we can change it. The migration |path is |going to be trivial (accept both for a while). | |EHL | | |On 3/2/09 5:37 PM, "Brian Eaton" <[email protected]> wrote: | |> |> |> Ah, I totally forgot about the whole "consumer key" nomenclature. |> |> It would make me incredibly happy if OAuth talked about "consumer |> name" and "consumer secret", because crypto geeks and others tend to |> think that "keys" are secrets. The OAuth consumer key is not secret, |> thus leading to confusion. |> |> Given that oauth_consumer_key is baked into the protocol, this might |> be a lost cause. |> |> On Mon, Mar 2, 2009 at 5:28 PM, Manger, James H |> <[email protected]> wrote: |>> OAuth¹s use of ³Consumer Developer² versus ³Consumer² can be |confusing. |>> |>> |>> |>> It can sound like the OAuth spec is trying to distinguish: the |software |>> developer who wrote a web app; from a web site where the web app is |>> deployed. A software developer can write lots of web apps. A web app |can be |>> installed on lots of independent web sites. I don¹t think this is the |>> intention. The desired difference is between a human (³Application |Owner²) |>> who can complete a registration process, and a computer program |>> (³Application²) that is configured with keys and secrets. |>> |>> |>> |>> It might be clearer to avoid the ³Consumer Developer² term perhaps |saying |>> that a Key and Secret must be obtained for a Consumer from the |Service |>> Provider. |>> |>> |>> |>> James Manger |>> [email protected] |>> Identity and security team < Chief Technology Office < Telstra |>> |>> |>> | | | --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
