I have read the whole thing and still --- Your argument that it is the place for using "registration access token" thus should have a parallel name "registration access url" is very weak. There are several weakness.
First, "registration access token" actually is "registration" + "access token". Extracting "registration access" from "registration access token" is broken. Secondly, access token is used to against any protected resource. Recommending to use the word "access" in naming protected resources is broken. Should we rename Userinfo endpoint to something like "Userinfo Access Endpoint"? I do not think so. Thirdly, the term "Registration Access" does not seem to be meaningful. When you say "access", I suppose you are using the noun version of it. (If you are using the verb, then I am even more against as a URL should not contain a verb.) According to the Webster, access (n.) is defined as: *access **n.* 1 *a* *:* onset <http://www.merriam-webster.com/dictionary/onset> 2 *b* *:* a fit of intense feeling *:* outburst<http://www.merriam-webster.com/dictionary/outburst> 2 *a* *:* permission, liberty, or ability to enter, approach, or pass to and from a place or to approach or communicate with a person or thing *b* *:* freedom or ability to obtain or make use of something *c* *:* a way or means of access *d* *:* the act or an instance of accessing<http://www.merriam-webster.com/dictionary/accessing> 3 *:* an increase by addition <a sudden *access* of wealth> Replacing "access" with any of the definition above does not seem to work. Remember, a URL is represents a "thing". The name of the endpoint should represent the "thing". I am merginally OK with "client registration url" leveraging on the definition 2. below (again from Webster -- my OED subscription lapsed for the time being.) *registration **n.* 1 *:* the act of registering<http://www.merriam-webster.com/dictionary/registering> 2 *:* an entry in a register<http://www.merriam-webster.com/dictionary/register> 3 *:* the number of individuals registered<http://www.merriam-webster.com/dictionary/registered> *:* enrollment <http://www.merriam-webster.com/dictionary/enrollment> 4 *a* *:* the art or act of selecting and adjusting pipe organ stops *b* *:* the combination of stops selected for performing a particular organ work 5 *:* a document certifying an act of registering However, since the most common use of "registration" is actually *1* above, it still is confusing. If you really want to emphasize the fact that it has been registered, then something like "registered client info uri" or "registered client metadata uri" would be better. Nat 2013/2/20 Mike Jones <[email protected]> > For what it’s worth, the name “registration_access_url” was chosen to be > parallel to “registration_access_token”. It’s the place you use the > access token. And it’s where you access an existing registration. I’m > against the name “client_metadata_url” because it’s not metadata you’re > accessing – it’s a registration you’re accessing. For the same reason, I > don’t think the name “client_info_url” gives people the right idea, because > it doesn’t say anything it being the registration that you’re accessing.** > ** > > ** ** > > If you really want us to change this, having read what’s above, I could > live with “client_registration_url”, but I don’t think a change is actually > necessary. (But if we are going to change it, let’s do it ASAP, before the > OpenID Connect Implementer’s Drafts are published.)**** > > ** ** > > -- Mike**** > > ** ** > > *From:* [email protected] [mailto:[email protected]] *On Behalf > Of *Nat Sakimura > *Sent:* Wednesday, February 20, 2013 7:58 AM > *To:* <[email protected]>; Richer, Justin P.; John Bradley > > *Subject:* Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-06.txt**** > > ** ** > > Thanks Justin. > > > Even if we go flat rather than doing JSON Structure, the "Client > Registration Access Endpoint" is not a good representative name. > > What it represents is the client metadata/info. > It is not representing "Client Registration Access". **** > > What does "Client Registration Access" mean? **** > > Does UPDATing "Cleint Registration Access" make sense? > > Something in the line of "Client Metadata Endpoint" and > something like "client_metadata_url" or "client_info_url" is much better. > > Nat**** > > 2013/2/15 Richer, Justin P. <[email protected]>**** > > Everyone, there's a new draft of DynReg up on the tracker. This draft > tries to codify the discussions so far from this week into something we can > all read. There are still plenty of open discussion points and items up for > debate. Please read through this latest draft and see what's changed and > help assure that it properly captures the conversations. If you have any > inputs for the marked [[ Editor's Note ]] sections, please send them to the > list by next Thursday to give me opportunity to get any necessary changes > in by the cutoff date of Monday the 22nd. > > Thanks for all of your hard work everyone, I think this is *really* coming > along now. > > -- Justin**** > > > On Feb 15, 2013, at 4:54 PM, [email protected] wrote: > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > This draft is a work item of the Web Authorization Protocol Working > Group of the IETF. > > > > Title : OAuth Dynamic Client Registration Protocol > > Author(s) : Justin Richer > > John Bradley > > Michael B. Jones > > Maciej Machulak > > Filename : draft-ietf-oauth-dyn-reg-06.txt > > Pages : 21 > > Date : 2013-02-15 > > > > Abstract: > > This specification defines an endpoint and protocol for dynamic > > registration of OAuth Clients at an Authorization Server. > > > > > > The IETF datatracker status page for this draft is: > > https://datatracker.ietf.org/doc/draft-ietf-oauth-dyn-reg > > > > There's also a htmlized version available at: > > http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-06 > > > > A diff from the previous version is available at: > > http://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-dyn-reg-06 > > > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > _______________________________________________ > > OAuth mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth**** > > > > **** > > ** ** > > -- > Nat Sakimura (=nat)**** > > Chairman, OpenID Foundation > http://nat.sakimura.org/ > @_nat_en**** > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
