Re: Payment standardization wish-list for 2015

On 2014-12-29 18:58, Kingsley Idehen wrote:
> On 12/28/14 2:18 AM, Anders Rundgren wrote:
>> My payment standardization wish-list for 2015 only contains a single
>> item,
>> defining how untrusted web-applications are supposed to interact with the
>> trusted client platform.
>>
>
> What is an "untrusted web-application" ?

Technically all server applications that cannot be verified/recognized by the client platform.


> What is a "trusted web-application" ?

An application that is permitted accessing sensitive local resources.

> What is "trust" ?

The thing needed to enable the the previous item.


> How is "trust" attained?

That's the $1M question.  I have suggested certain solutions, other people
believe in trusted middleware and a bunch of people headed by Google tries
to solve this with user permissions.


>
>> If this is achieved (and with a reasonable amount of consensus...) the
>> W3C have resurrected
>> the web-browser from its current "dead-in-water" state with respect to
>> secure payments.
>
> The web-browser is one kind of Web (HTTP Network) user agent. That's it.
> It doesn't in anyway define or set the status quo for what's possible on
> the Web.

No, but if we are going to deprecate the browser, I think we need a new charter.

Hey guys, is this what you want???


>>
>>  From that point, the rest becomes pure engineering instead of "black
>> magic" .
>
> You need to understand your tools and the problem at hand before you can
> embark upon any kind of meaningful engineering :)
>
>
> Kingsley
>>
>> Sincerely,
>> Anders Rundgren
>>
>
>

Received on Monday, 29 December 2014 18:58:42 UTC