- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Thu, 24 Apr 2014 09:35:46 -0400
- To: public-webpayments@w3.org
On 04/24/2014 05:23 AM, Anders Rundgren wrote: >> The Identity Credentials stuff is almost completely decoupled from >> the 2nd factor authentication problem (as it should be). > > I think that we simply have rather different visions about the Need, > Authentication, Deployment and Usage of identity information in > payment systems. Perhaps, but I'm trying to understand your vision and so far I'm having a hard time putting everything that you're saying together into a cohesive proposal. I'm sure the story line is there, but I don't understand what it is, and that's a problem since you seem to be very adamant about the current state of things being terrible. I want to make sure that this group doesn't make the same mistakes you are highlighting, but in order to do that, we have to understand what you think the mistakes are. So far, I've heard you complain about FIDO's approach, Web Crypto and SE avoidance, and the failed security systems. You clearly know a lot about this space, so we'd be foolish not to listen. We've seen a few proposals from you wrt. mobile device authentication, but I can't seems to connect the dots between all of these items. Perhaps you could write up a blog post or some narrative about exactly what you'd like to see happen over the next 2-3 years. Try to just talk about a specific area that you'd like to see fixed. For example, a narrative like this would be helpful: http://manu.sporny.org/2014/credential-based-login/ -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Marathonic Dawn of Web Payments http://manu.sporny.org/2014/dawn-of-web-payments/
Received on Thursday, 24 April 2014 13:36:09 UTC