<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Wed, May 17, 2017 at 12:21 AM, Monty Taylor <span dir="ltr"><<a href="mailto:mordred@inaugust.com" target="_blank">mordred@inaugust.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On 05/16/2017 02:44 PM, Sean Dague wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 05/16/2017 03:40 PM, Monty Taylor wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 05/16/2017 10:20 AM, Doug Hellmann wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Excerpts from Chris Dent's message of 2017-05-16 15:16:08 +0100:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Tue, 16 May 2017, Monty Taylor wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
FWIW - I'm un-crazy about the term API Key - but I'm gonna just roll<br>
with<br>
that until someone has a better idea. I'm uncrazy about it for two<br>
reasons:<br>
<br>
a) the word "key" implies things to people that may or may not be<br>
true here.<br>
If we do stick with it - we need some REALLY crisp language about<br>
what it is<br>
and what it isn't.<br>
<br>
b) Rackspace Public Cloud (and back in the day HP Public Cloud) have<br>
a thing<br>
called by this name. While what's written in the spec is quite<br>
similar in<br>
usage to that construct, I'm wary of re-using the name without the<br>
semantics<br>
actually being fully the same for risk of user confusion. "This uses<br>
api-key... which one?" Sean's email uses "APPKey" instead of<br>
"APIKey" - which<br>
may be a better term. Maybe just "ApplicationAuthorization"?<br>
</blockquote>
<br>
"api key" is a fairly common and generic term for "this magical<br>
thingie I can create to delegate my authority to some automation".<br>
It's also sometimes called "token", perhaps that's better (that's<br>
what GitHub uses, for example)? In either case the "api" bit is<br>
pretty important because it is the thing used to talk to the API.<br>
<br>
I really hope we can avoid creating yet more special language for<br>
OpenStack. We've got an API. We want to send keys or tokens. Let's<br>
just call them that.<br>
<br>
</blockquote>
<br>
+1<br>
</blockquote>
<br>
Fair. That's an excellent argument for "api key" - because I certainly<br>
don't think we want to overload 'token'.<br>
</blockquote>
<br>
As someone who accidentally named "API Microversions", I fully cede<br>
naming territory to others here.<br>
</blockquote>
<br></div></div>
I named "jeepyb" on _purpose_.<br>
<br>
For those playing at home, that's a phoneticization of "GPB" which is an otherwise never-used acronym for "Gerrit Project Builder".<br>
<br>
/me hides<div class="HOEnZb"><div class="h5"><br></div></div></blockquote><div>It seems like there is general agreement on the review that "api key" is a bad name. Thoughts on renaming it "application key" / "app key" (what Ron proposed in an earlier version of this spec)?</div><div><br></div><div>Colleen</div></div></div></div>