[WG-UMA] New editorial issue #109

Maciej Machulak maciej.machulak at gmail.com
Mon Oct 27 15:53:00 CDT 2014


Eve, sounds good. Thought: does the wording "asynchronous" capture the
entire nature of this flow (i.e. authorization is both asynchronous AND
made by a different entity)?

Cheers, Maciej

On 27 October 2014 13:47, Eve Maler <eve at xmlgrrl.com> wrote:

> https://github.com/xmlgrrl/UMA-Specifications/issues/109
>
> I threw a couple of editorial nits in here. One is a true nit, identified
> by Andi. The other is an interesting turn of phrase that we need to fix,
> identified by Justin Richer. We say:
>
> "The resource owner's policies at the authorization server amount to an
> implicit authorization grant in governing the issuance of authorization
> data."
>
> Unfortunately, "implicit grant" is the official name of an OAuth grant
> flow that isn't what we're doing here. As noted in a comment on the issue,
> I'm now thinking that the right way to capture the
> pre-authorization/pre-consent nature of what UMA enables is to say that
> this is an *asynchronous* authorization grant. In fact, it might be really
> nice to describe UMA as literally defining an "asynchronous grant" flow for
> OAuth. Thoughts?
>
>         Eve
>
> Eve Maler                                  http://www.xmlgrrl.com/blog
> +1 425 345 6756                         http://www.twitter.com/xmlgrrl
>
> _______________________________________________
> WG-UMA mailing list
> WG-UMA at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-uma
>



-- 
Maciej Machulak
email: maciej.machulak at gmail.com
mobile: +44 7999 606 767 (UK)
mobile: +48 602 45 31 66 (PL)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-uma/attachments/20141027/59dabc6c/attachment.html>


More information about the WG-UMA mailing list