What is a claimant? Seems like we need to have that defined before we get to this. (tcj) I really dislike this definition, it seems to get nearly every single point out-of-sync with current usage. It mostly defines what industry calls a credential. In the case of a secret, it is not even consistent with the use of token to mean something like a smart card. In that case the token is the physical device that holds the secret. No one I have ever heard has called a secret key inside a smart card a "token".

This definition does not help create clear documentation. If it cannot be fixed to correspond to common usage, I recommend that it be deleted entirely.

My contribution --> token 1) a device that contains a secret used in establishing the right to use an identity. 2) a secure data structure that holds one or more identity claims

I strongly dislike the use of the word "claimant" in any case as it defines the value of an attribute of a user and is not an instance class. The user will progress from claimant to "authorized user" by a change of state, not by a change to the entity.