- From: Tim Holborn <timothy.holborn@gmail.com>
- Date: Tue, 8 Apr 2014 20:23:57 +1000
- To: Joseph Potvin <jpotvin@opman.ca>
- Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Steven Rowat <steven_rowat@sunshine.net>, Web Payments CG <public-webpayments@w3.org>
I think TimBL built the first web-browser, not just a bunch of standards. from my understanding he also gave it away freely. world didn’t end. timh. On 8 Apr 2014, at 7:19 pm, Joseph Potvin <jpotvin@opman.ca> wrote: > RE: "If you work for a US tech giant you are not allowed to speak > openly about novel ideas for addressing a problem without first have > checked this with the legal department due to IPR issues." > > Anders, Also that's true in all sorts or contexts. For example, during > the years I worked in the Canadian government where I led the > accommodation of free/libre/open source business practices for a > decade, I had to clear media interviews and conference presentations > with Communications Branch, and run articles and book chapters by > legal counsel first. There's a normal protocol to all that, which when > followed, doesn't necessarily get in the way of novelty. It is more > work, but I always treated it as an opportunity to disseminate the > novel ideas to the comms people and the lawyers. In my current > private sector work, carefully managing the Intellectual Provenance > (IP) Rights boundary between the internally restricted and the > externally shared worked is a mutual interest. On the topic of > developers communicating effectively with lawyers, here's the section > we're assembling in the OSI's FLOW Syllabus: > http://osi.xwiki.com/bin/Projects/draft-flow-syllabus#HHowtoMakeitEasierforCorporateLegalCounseltoHelpYou > > RE: It's a battlefield out there if you didn't knew it... I guess > you feel that I'm a true pessimist, right? I'm not, I just believe > that most people would be quite happy "only" getting the core web > platform in a better shape for new and exciting missions! > > ... the truly novel stuff always requires honing one's real-life > "chess" skills, no only technology wizardry. > > joseph > > > > On Tue, Apr 8, 2014 at 4:14 AM, Anders Rundgren > <anders.rundgren.net@gmail.com> wrote: >> On 2014-04-08 02:11, Joseph Potvin wrote: >>> RE: members of [any group] will not, unless forced, take kindly to >>> anything that obstructs their interests (as they define them) >>> >>> There's nothing unique in that way about large companies. The same can >>> be said for any organization, including a local farmer's market. >> >> This is true. I would though like to add a constraint that not everybody is >> aware of: If you work for a US tech giant you are not allowed to speak openly >> about novel ideas for addressing a problem without first have checked this >> with the legal department due to IPR issues. >> >> As we can read in the trade press, a simple "slide unlock" feature is enough >> to get you in deep trouble. >> >> Due to this, only listing requirements is out of scope unless you restrict >> yourself to watered-downed nonsense statements like "payments must be secured". >> >>> >>> The earlier eCommerce work of the W3C, since it was underway at a time >>> when computing was very expensive, depended entirely on centralized >>> resourcing. In contrast, today, any smart group of geeks has the >>> computing and deployment power and create and operate an eCommerce >>> platform. But the earlier work ought to be reviewed for useful ideas. >>> That's why I think it can be useful to find somebody who was immersed >>> in that first round of efforts two decades ago. >> >> As I wrote there are tons of dead initiatives out there if somebody want >> to go over the casualties. I believe 3D Secure is a very good example >> of a failed standard that only banks in the EU still try to impose on >> their clients. However, the core idea has a lot of mileage if put >> in a better web platform which VISA and MasterCard never considered >> because then they would have had to talk to Microsoft & Netscape. >> There's a reason why on-line credit-card payments remains insecure and >> EMV-cards still come with the magstrip + security info in clear text... >> >> The Web Payments CG faces a bigger problem than VISA and MasterCard: >> Due to the browser vendors' decision to "outlaw" plugins you can't >> introduce _anything_ new the client side without their participation >> and support. I do not see much interest from these guys. >> >> In fact, even in W3C's WebCrypto applications were put in the back-seat. >> 95% of the postings are from pretty opinionated cryptographers whose prime >> interest is trying to save the world from using "bad crypto algorithms". >> (in reality most crypto-related screw-ups are due to incorrect usage of crypto). >> >> I had a similar experience in TrustedComputingGroup where I repeatably >> (and to many peoples' dismay) questioned why payments etc. were not dealt >> with by any of the 10 TCG sub-groups. It also took way too long to get >> the stuff out. "Perfection" is great but unfortunately what looks fine >> on the drawing board may not work exactly as planned IRL. MSFT _manadate_ >> TPMs, other vendors are working with their own and IMO better concepts: >> http://images.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf >> >> It's a battlefield out there if you didn't knew it... >> >> I guess you feel that I'm a true pessimist, right? I'm not, I just believe >> that most people would be quite happy "only" getting the core web platform >> in a better shape for new and exciting missions! >> >> Thanx, >> Anders >> >> >>> >>> Joseph Potvin >>> >>> >>> On Mon, Apr 7, 2014 at 6:51 PM, Steven Rowat <steven_rowat@sunshine.net> wrote: >>>> Greetings, >>>> >>>>> Anders' law of standardization: >>>>> Innovation is a fuzzy process. Standardization is fuzzy but in another >>>>> way. >>>>> Do not combine these activities unless everybody is prepared for a rocky >>>>> ride. >>>> >>>> >>>> I'm inclined to agree with Anders comments in response to Joseph (about the >>>> history of W3C following through on standards to do with payments). >>>> >>>> Although it's tangential to Joseph's questions, I'd like to add my own >>>> experience with being a member/contributing to the W3C, about 5-7 years ago: >>>> >>>> I became concerned that there was a pivotal change in the playing field >>>> afoot with HTML 5, namely that HTML 4 and earlier were markup languages, >>>> which any literate person could engage in, while HTML 5 appeared to be >>>> Javascript and DOM based in a much more complex way, essentially ceding the >>>> web-page writing field to paid professional specialists. >>>> >>>> More germane to the current situation is that I didn't feel I was given a >>>> thorough hearing about my concerns, in the sense that the directors and >>>> editors of the HTML5 spec didn't see this as a problem. These directors and >>>> editors were members of large corporations (Apple, etc.), which may have >>>> been, and probably was, related to this reception. >>>> >>>> So I also caution that "there's a lack of openness with the W3C" as Anders >>>> said, in the sense that members of large corporations will not, unless >>>> forced, take kindly to anything that obstructs their interests (as they >>>> define them). If members of such corporations are in positions of power in >>>> the writing or passing of the web payments specs then that might be a >>>> problem. I don't know enough about the current political setup to know if >>>> this is the case in this situation, but if it is then I'd speculate that no >>>> new level playing field could be created for web payments by the W3C route. >>>> >>>> Steven Rowat >>>> >>>> >>>> >>>> On 4/7/14 7:18 AM, Anders Rundgren wrote: >>>>> >>>>> Hi Joseph, >>>>> I only have a 18 year perspective on standardization in the payment and EC >>>>> space. >>>>> >>>>> It is important realizing that W3C is only one of quite a bunch of SDOs >>>>> and that W3C >>>>> to date have been much more successful with basic technology than with >>>>> applications. >>>>> >>>>> If we then enter into the world payments there is a veritable desert out >>>>> there >>>>> with dead payment standards and initiatives. >>>>> >>>>> One of the problems is that there's no documented interest among leading >>>>> banks >>>>> to standardize anything in open. The Web Payment Workshop delegates may >>>>> differ >>>>> but I never saw any bank folks in W3C's WebCrypto although it was said >>>>> that one >>>>> of the use-cases were high-value transactions. >>>>> >>>>> There's also a lack of openness within the W3C itself. The current W3C SE >>>>> API >>>>> standardization effort (which is highly related to payments) is mum on the >>>>> fact >>>>> that SIM-cards are owned by operators which makes such a standard >>>>> inaccessible >>>>> for probably some 99% of the potential market. >>>>> >>>>> Personally, I stick to business-model-neutral "nuts and bolts" technology. >>>>> The challenge is understanding "just enough" of the application space >>>>> without >>>>> getting lost there :-) >>>>> >>>>> Compared to the "good old days", standardization has become much more >>>>> difficult >>>>> since it is challenged by companies like Google who can do whatever they >>>>> want. >>>>> The tempo has also increased while automatic updates reduce the need for >>>>> "perfection". >>>>> Open source has turned out to be a strong alternative to real standards. >>>>> >>>>> Anders' law of standardization: >>>>> Innovation is a fuzzy process. Standardization is fuzzy but in another >>>>> way. >>>>> Do not combine these activities unless everybody is prepared for a rocky >>>>> ride. >>>>> >>>>> Cheers, >>>>> Anders >>>>> >>>>> On 2014-04-07 13:15, Joseph Potvin wrote: >>>>>> >>>>>> Further to the wrap-up discussion about the creating on an Interest Group >>>>>> http://www.w3.org/2013/10/payments/minutes/2014-03-25-wrapup/ >>>>>> >>>>>> Does anyone on these lists have the "two-decades view" of W3C >>>>>> involvement with this topic? >>>>>> http://www.w3.org/ECommerce/ >>>>>> http://www.w3.org/TR/EC-related-activities >>>>>> http://www.w3.org/ECommerce/Micropayments/ >>>>>> http://www.w3.org/TR/NOTE-jepi >>>>>> >>>>>> Three questions: >>>>>> >>>>>> 1. What happened to those original efforts towards a W3C Specification >>>>>> on eCommerce that would have included specifications on web payments? >>>>>> >>>>>> 2. What should we learn from substance and fate of those earlier efforts? >>>>>> >>>>>> 3. Is there a need to "start" a new IG? Or might the W3C eCommerce IG >>>>>> just re-convene, update its charter, and carry on? >>>>>> >>>>>> Joseph Potvin >>>>>> >>>>>> >>>>>> On Thu, Apr 3, 2014 at 11:51 AM, Stephane Boyera <boyera@w3.org> wrote: >>>>>>> >>>>>>> Dear All, >>>>>>> >>>>>>> Thanks to the great help from the Web Payments Community Group and Manu >>>>>>> Sporny, we just published a new cleaned version of the minutes of the >>>>>>> workshop at >>>>>>> http://www.w3.org/2013/10/payments/minutes/ >>>>>>> The agenda with links to slides and presentations is available at >>>>>>> http://www.w3.org/2013/10/payments/agenda >>>>>>> >>>>>>> We are planning to circulate a draft report for your comments in the >>>>>>> next 10 >>>>>>> days. >>>>>>> >>>>>>> Best >>>>>>> Stephane >>>>>>> -- >>>>>>> Stephane Boyera stephane@w3.org >>>>>>> W3C +33 (0) 6 73 84 87 27 >>>>>>> BP 93 >>>>>>> F-06902 Sophia Antipolis Cedex, >>>>>>> France >>>>>>> >>>>>> >>>>> >>>>> >>>>> >>>> >>> >> >
Received on Tuesday, 8 April 2014 10:29:55 UTC