<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Nov 3, 2013 at 9:37 PM, Mike Jones <span dir="ltr"><<a href="mailto:Michael.Jones@microsoft.com" target="_blank">Michael.Jones@microsoft.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Authentication Request is already in the terminology section at
<a href="http://openid.bitbucket.org/openid-connect-core-1_0.html#Terminology" target="_blank">http://openid.bitbucket.org/openid-connect-core-1_0.html#Terminology</a>. Authorization Request is defined by RFC 6749.</span></p>
</div></div></blockquote><div><br></div><div>I think we should have an explicit entry to Authorization Request that says: "An OAuth2 Authorization Request as defined in RFC 6749"</div><div>And then "Authentication Request" --> With a language more similar to the one proposed by Nat in this thread.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">BTW, the terminology change from Authorization Request to Authentication Request is already in
<a href="http://openid.bitbucket.org/openid-connect-core-1_0.html" target="_blank">http://openid.bitbucket.org/openid-connect-core-1_0.html</a>. People are encourage to read all the uses of the terms “Authorization Request” and “Authentication Request” in the specs to make
sure they’re consistent.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> -- Mike<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> <a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank">openid-specs-ab-bounces@lists.openid.net</a> [mailto:<a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank">openid-specs-ab-bounces@lists.openid.net</a>]
<b>On Behalf Of </b>Breno de Medeiros<br>
<b>Sent:</b> Sunday, November 03, 2013 7:27 PM<br>
<b>To:</b> Richer, Justin P.<br>
<b>Cc:</b> <<a href="mailto:openid-specs-ab@lists.openid.net" target="_blank">openid-specs-ab@lists.openid.net</a>><br>
<b>Subject:</b> Re: [Openid-specs-ab] Authorization Request or Authentication Request?<u></u><u></u></span></p><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">Could we explicitly add the definitions of the terms "Authentication Request" and "Authorization Request" to the Terminology section, using language proposed by Nat?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><u></u> <u></u></p>
<div>
<p class="MsoNormal">On Sun, Nov 3, 2013 at 9:47 AM, Richer, Justin P. <<a href="mailto:jricher@mitre.org" target="_blank">jricher@mitre.org</a>> wrote:<u></u><u></u></p>
<div>
<p class="MsoNormal">+1 <u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<div>
<p class="MsoNormal">On Nov 3, 2013, at 9:48 AM, Torsten Lodderstedt <<a href="mailto:torsten@lodderstedt.net" target="_blank">torsten@lodderstedt.net</a>><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> wrote:<u></u><u></u></p>
</div>
<div>
<div>
<p class="MsoNormal"><br>
<br>
<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">+1<u></u><u></u></p>
<div>
<p class="MsoNormal"><br>
<br>
Brian Campbell <<a href="mailto:bcampbell@pingidentity.com" target="_blank">bcampbell@pingidentity.com</a>> schrieb:
<u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Having Connect define and use the term “Authentication Request” provides a nice semantic distinction of what's going on beyond a plain old OAuth "Authorization Request" and, I think, makes it easier to talk
about and explain.<u></u><u></u></p>
</div>
<p class="MsoNormal">So yes, Authentication Request is section headers and in content where appropriate is what I'd prefer.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><u></u> <u></u></p>
<div>
<p class="MsoNormal">On Wed, Oct 30, 2013 at 8:26 PM, n-sakimura <<a href="mailto:n-sakimura@nri.co.jp" target="_blank">n-sakimura@nri.co.jp</a>> wrote:<u></u><u></u></p>
<div>
<div>
<p class="MsoNormal">My suggestion was affected by one of the earlier reviewer. I thought that was quite reasonable.
<br>
To me, the definition of the each terms are as follows now: <br>
<br>
Authorization Request<br>
OAuth 2.0 Authroization Request<br>
<br>
Authentication Request<br>
Authorization Request used to obtain the Authentication Result through the use of OpenID Connect extension parameters and profiled scopes<br>
<br>
As a section header, I believe Authentication Request is more appropriate. <br>
<br>
Nat <u></u><u></u></p>
<div>
<div>
<p class="MsoNormal"><br>
<br>
(2013/10/31 12:01), Mike Jones wrote:<u></u><u></u></p>
</div>
</div>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<div>
<p class="MsoNormal">We define an Authentication Request as an OAuth 2.0 Authorization Request that requests that the End-User be authenticated by the Authorization Server. And we use the term Authentication
Request in a few places. However, we use the term <span lang="JA">“</span>Authorization Request<span lang="JA">”</span> in the section headings, because it<span lang="JA">’</span>s the OAuth message used.<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<p class="MsoNormal">More than one reviewer has suggested that we change these section headings from
<span lang="JA">“</span>Authorization Request<span lang="JA">”</span> to <span lang="JA">
“</span>Authentication Request<span lang="JA">”</span>. I agree that that<span lang="JA">’</span>s a better semantic description. We<span lang="JA">’</span>d just have to be careful to continue to say
<span lang="JA">“</span>Authentication Request<span lang="JA">”</span> when referring to the OAuth message.<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<p class="MsoNormal">What do people prefer?<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<p class="MsoNormal"> -- Mike<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><u></u> <u></u></p>
</div>
</div>
<pre>_______________________________________________<u></u><u></u></pre>
<pre>Openid-specs-ab mailing list<u></u><u></u></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><u></u><u></u></pre>
<pre><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><span style="color:#888888"><u></u><u></u></span></pre>
</blockquote>
<p class="MsoNormal"><span style="color:#888888"><br>
<br>
<br>
</span><u></u><u></u></p>
<pre><span style="color:#888888">-- <u></u><u></u></span></pre>
<pre><span style="color:#888888">Nat Sakimura (<a href="mailto:n-sakimura@nri.co.jp" target="_blank">n-sakimura@nri.co.jp</a>)<u></u><u></u></span></pre>
<pre><span style="color:#888888">Nomura Research Institute, Ltd. <u></u><u></u></span></pre>
<pre><span style="color:#888888"><a href="tel:+81-3-6274-1412" target="_blank">Tel:+81-3-6274-1412</a> Fax:<a href="tel:%2B81-3-6274-1547" target="_blank">+81-3-6274-1547</a><u></u><u></u></span></pre>
<pre><span style="color:#888888"><u></u> <u></u></span></pre>
<pre><span lang="JA" style="color:#888888">�$BK\%a!<%k$K4^$^$l$k>pJs$O5!L)>pJs$G$"$j!"08@h$K5-:\$5$l$F$$$kJ}$N$_$KAw?.$9$k$3$H$r0U?^$7$F$*$j$^$9!#0U?^$5$l$?<u<h?M0J30$NJ}$K$h$k$3$l$i$N>pJs$N3+<(!"J#@=!":FG[I[$dE>Aw$J$I0l@Z$NMxMQ$,6X;_$5$l$F$$$^$9!#8m$C$FK\%a!<%k$r<u?.$5$l$?>l9g$O!"?=$7Lu$4$6�(B</span><span style="color:#888888">ӓ<u></u><u></u></span></pre>
<pre><span style="color:#888888"> 6;|<u></u><u></u></span></pre>
<pre><span style="color:#888888">14;<span lang="JA">�$B$;$s$,!"Aw?.<T$^$G$*CN$i$;$$$?$@$-!"<u?.$5$l$?%a!<%k$r:o=|$7$F$$$?$@$-$^$9$h$&$*4j$$CW$7$^$9!#�(B</span><u></u><u></u></span></pre>
<pre><span style="color:#888888">PLEASE READ:<u></u><u></u></span></pre>
<pre><span style="color:#888888">The information contained in this e-mail is confidential and intended for the named recipient(s) only.<u></u><u></u></span></pre>
<pre><span style="color:#888888">If you are not an intended recipient of this e-mail, you are hereby notified that any review, dissemination, distribution or duplication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete your copy from your system.<u></u><u></u></span></pre>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><u></u><u></u></p>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div style="border:none;border-bottom:solid black 1.0pt;padding:0in 0in 0in 0in;margin-top:30.0pt;margin-bottom:12.0pt">
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<pre style="text-align:center"><hr size="3" width="100%" align="center"></pre>
<pre><br>Openid-specs-ab mailing list<br><a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
<br><u></u><u></u></pre>
</div>
</div>
<p class="MsoNormal">_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><u></u><u></u></p>
</div>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><u></u><u></u></p>
</div>
<p class="MsoNormal"><br>
<br clear="all">
<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<p class="MsoNormal">-- <br>
--Breno<u></u><u></u></p>
</div>
</div></div></div>
</div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>--Breno<br>
</div></div>