Speaking as someone who is reasonably familiar with Kerberos and the general concepts involved, I find both Microsoft/Kerberos technology ((constrained delegation/protocol transition) and the ws-trust text horribly confusing and would recommend against all of the above as examples of clarity. After several years I've finally gotten to a point where I understand the Kerberos terms, but that's simply by using them regularly, not because there was clarity.
This may be a case where new terminology is worthwhile if you can find something that multiple people (especially new readers not overly familiar with the concepts) find to be clear. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
