Re: [Payments Architecture] A vision statement for the web payments architecture work

On 19 May 2015 at 11:08, Adrian Hope-Bailie <adrian@hopebailie.com> wrote:

> Hi Melvin,
>
> Are you referring to this line:
> * Secure by design
>

Yes


>
> I agree with what you're saying but I don't think it's necessary to strip
> this statement out completely. I think it's important that we state that
> the design is intended to promote security, however that ultimately
> translates into the implementation.
>
> Do you have a suggestion for an alternative wording?
>

I dont.  I envision web payments ecosystem to be self healing,
decentralized and fault tolerant.  It's quite difficult to put that into a
vision statement, because highly connected, scale invariant systems, tend
to be self organizing.  For example, when dealing with family members, you
may need low security, but when buying health insurance, higher security.


>
>
> On 19 May 2015 at 08:58, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>
>>
>>
>> On 18 May 2015 at 14:58, Adrian Hope-Bailie <adrian@hopebailie.com>
>> wrote:
>>
>>> The IG are trying to finalize a short vision statement for the work we
>>> are undertaking, specifically with regards to the architecture we will be
>>> developing, for payments on the Web.
>>>
>>> The document is intended to express the technical principles we consider
>>> important in the design of the architecture and I'd appreciate some input
>>> on it's content.
>>>
>>> The document is also intended to be short, less than a page, and as such
>>> not too detailed. It's purpose is to frame the design and allow all
>>> stakeholders to agree up front that we are aligned on our vision.
>>>
>>> The audience should be broad, and not necessarily payments or Web
>>> technology experts, but since this is related to the design of a technical
>>> architecture the content will be technical.
>>>
>>> Please have a look at the first draft of this document and send me your
>>> feedback.
>>>
>>> https://www.w3.org/Payments/IG/wiki/Payment_Agent_Task_Force/Vision
>>>
>>
>> Personally I would scratch the part on security.  Not because I dont
>> value security, but because it's quite a subjective term.  Satoshi said, "A
>> certain per centage of fraud is accepted as unavoidable".  I prefer that
>> kind of wording.  Also, security can come at the expense of growth and
>> scalability.  The value proposition of the web is not as a secure system,
>> much like the post office, telephone or email, but rather, as a highly
>> connected self organizing system capable of unexpected reuse.  Systems like
>> bitcoin and ripple are relatively secure but dont scale too well, systems
>> like the web are relatively insecure but scale well.  What we have tended
>> to notice with large systems is that security increases with scale.
>>
>>
>>>
>>> Thanks,
>>> Adrian
>>>
>>> p.s. Thanks Ian Jacobs for the initial work in getting this started.
>>>
>>
>>
>

Received on Tuesday, 19 May 2015 09:34:20 UTC