Some thoughts about this:
One of the remaining questions I have about our new claims-heavy regime is: Does it still support our previous popular use case of enabling the resource owner to have a policy condition of "The requesting party must present identity of X, authenticated to Y strength or assurance level Z?" Is it as simple as requesting a particular "acr" claim or set of trust vector claims through either route? This is a case of feature parity with UMA1, so it would be good to be clear.
If that's good, then I'd be pretty comfortable consolidating terms as follows.
Trust elevation could now be supplanted by authorization process (on the UMA wire), claims collection (part of it), (non-interactive) claims pushing (part of claims collection), (interactive) claims gathering (part of claims collection), and authorization assessment (internal to the AS). (I have an action from yesterday's call to work on the definition of authorization process; will do that!)
Authorization API has already gone away, replaced by authorization interface (AS-client-RqP) and UMA grant (the AS-client part). This is a last call for whether we're happy with the name of the grant, and also perhaps the name of the URI for it, which includes "...uma-ticket". (I wonder if it it will be confused for the permission ticket.)
We discussed right at the tail end of yesterday's call how I'll resurrect the profiled token introspection response (for now, go back to
rev 05 to see it), but keep the token profiling extensibility point out. This would mean that the
authorization data language would go away in favor of just
permissions, which we could make clear is meant conceptually except in cases of introspection. Last call for replacing this word with something else. (Talking to access control experts, sometimes I'll describe them as entitlements -- not that this word isn't fraught either!)
How we define claim isn't really quite right, since we say it's about "identity attributes of a requesting party". This excludes promissory claims. I've always struggled with this. If you have a brilliant idea, let me know.