> Eran's suggestion of "Service", "Client", and "User-Agent" sounds likes > it might work well to clarify the text.
I'll go as far as claiming that OAuth is a traditional client-server model. The client uses a token to access resources. The fact that those resources are owned by a third entity doesn't change the nature of the interaction. Now, how the client gets the token is a different story in which the user plays a role. But it is important to separate the two parts. To get a token, the client brings the user into context, current via a user-agent. It is time to admit that while the terms fit the model, they confuse the shit out of everyone reading the spec. That's a clear FAIL. EHL --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
