+1. How about calling it "client password", or something along those lines...? That's what Dick called it for WRAP.
http://tools.ietf.org/html/draft-hardt-oauth-01#page-13 Cheers, Brian On Fri, Jul 16, 2010 at 9:39 AM, Marius Scurtescu <[email protected]> wrote: > I agree that grant_type=none is confusing. "client" or "direct" sound better. > > Marius > > > > On Fri, Jul 16, 2010 at 9:30 AM, Justin Richer <[email protected]> wrote: >> The choice of the value "none" for the grant_type parameter in the >> client-credentials case is confusing. I understand the philosophy behind >> this choice, but I think that calling it "none" here gives the wrong >> impression. It almost sounds like it's a deny-request on first glance, >> or even a revoke request of some type. Furthermore, I'd say that there >> really is an access grant being made here, but it's implicit, and given >> to the client directly and not to an end user. >> >> I propose we change this key to "client", "implicit", "direct", or >> something other than "none" to avoid this kind of confusion. Along with >> this, I would also like the paragraph in 4.1 describing the usage of >> this grant type to be pulled into its own (admittedly short) subsection. >> In this way, someone looking to implement this style of auth will have >> somewhere concrete to look, bringing this method on par with others in >> section 4.1. >> >> -- Justin >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
