<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
--></style></head><body lang=EN-US><div class=WordSection1><p class=MsoNormal>Thanks for addressing a very difficult subject. The diagrams contain a lot of information but are unreadable without magnification. The alternative would be to break each transaction into multiple figures, which would also be cumbersome (and a lot more work).</p><p class=MsoNormal><o:p>&nbsp;</o:p></p><p class=MsoNormal>A few trivial items related to the possible confusion between authentication and authorization (although I may have this wrong).</p><p class=MsoNormal><o:p>&nbsp;</o:p></p><ol style='margin-top:0in' start=1 type=1><li class=MsoListParagraph style='margin-left:0in;mso-list:l1 level1 lfo1'>Line 155 “Andy enters his credential to prove access…” Presumably, Andy enters his credentials to support he is who he says he is, which may or may not provide access. Perhaps just “Andy enters his credential.”</li></ol><p class=MsoNormal><o:p>&nbsp;</o:p></p><ol style='margin-top:0in' start=2 type=1><li class=MsoListParagraph style='margin-left:0in;mso-list:l1 level1 lfo1'>Canon commented “Sections 3.3.1 and 3.3.2 are exactly the same except one is for user Lisa and the other is for user Harry. One section is about Authentication Failure and the other is Authorization Failure. This is a bit confusing since the paragraphs are exactly the same except for the use case user name and the section titles.” I agree. Presumably one can have an account and a valid password but still not be authorized to use the printer for some other reason (para 5.1.3 and para 5.2.3 discuss this). The use cases should include a clear case of an authentication failure (unless it is out of scope for this document, in which case it should be under para 3.4).</li></ol>
<p class=MsoListParagraph><o:p>&nbsp;</o:p></p><ol style='margin-top:0in' start=3 type=1><li class=MsoListParagraph style='margin-left:0in;mso-list:l1 level1 lfo1'>Although I may be missing it, the diagrams do not make clear what is an authentication failure vs an authorization failure. (Indeed, the distinction between the terms in the diagrams is unclear in many cases, with the Authorization Service clearly doing authentication in many cases.) Aside from the Use Cases and the failure handling in section 5, the text does not appear to help in the distinction either.</li></ol><p class=MsoListParagraph><o:p>&nbsp;</o:p></p><p class=MsoListParagraph>I recognize that (I think) the common use is that the user is authorized on the basis of authentication credentials, thus:</p><p class=MsoListParagraph><o:p>&nbsp;</o:p></p><ol style='margin-top:0in' start=3 type=1><ol style='margin-top:0in' start=1 type=a><li class=MsoListParagraph style='margin-left:0in;mso-list:l1 level2 lfo1'>HTTP Status Code 401 Unauthorized: The request has not been applied because it lacks valid authentication credentials</li><li class=MsoListParagraph style='margin-left:0in;mso-list:l1 level2 lfo1'>The comment that the use of the 'oauth' authentication method … depends on the Printer supporting the “oauth-authorization-server-uri” Printer Description attribute).</li></ol></ol><p class=MsoNormal style='margin-left:.5in'>But some help in distinguishing an Authentication failure from an Authorization failure might be useful.</p><p class=MsoNormal style='margin-left:.5in'><o:p>&nbsp;</o:p></p><p class=MsoNormal style='margin-left:.5in'>Thanks.</p></div></body></html>