I went away from a formal Terminology section in V2 because 6749 doesn't have one (trying to track the language and structure of OAuth much more closely). FWIW, I did get some feedback from one OAuth person I specially reached out to that the "concepts section" was very effective.

The definition of permission ticket in Grant is accurate even when the full context of FedAuthz is taken into account. Are you looking at rev 05? It seems to meet your goal.

"A correlation handle, initially passed to the client by the resource server and subsequently exchanged during the authorization process between the client and authorization server." [emphasis added]

And rev 05 of FedAuthz does say this:

"This specification uses all of the terms and concepts in [UMAGrant]. This figure introduces the following new concepts: ..."

Eve Maler (sent from my iPad) | cell +1 425 345 6756

On May 27, 2017, at 3:46 PM, Mike Schwartz <mike@gluu.org> wrote:

Eve,

Just an editorial note:

In UMA Grant, there is a glossary in section 1.3 (Abstract Flow). It says "Following are key concepts relevant to this specification," but it doesn't jump out at you. I was looking for a glossary in the TOC, and couldn't find it.

And then in UMA Federated Authz, there is no glossary.

You could perhaps reference the Glossary from Federated Authz to UMA Grant, but some of the definitions may need to be tweaked. For example, I was looking at the definition of permission ticket: "A correlation handle, initially passed to the client by the resource server". That makes sense for UMA Grant, but for Federated Authz, it probably makes sense to mention the AS.

- Mike