- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Mon, 14 Sep 2015 17:28:56 -0400
- To: public-webpayments@w3.org
- Message-ID: <55F73C18.2090708@openlinksw.com>
On 9/13/15 12:10 AM, Anders Rundgren wrote:
> Hi Guys,
>
> I'm not much into linked data but suddenly I had inadvertently (!)
> "reinvented" some flavor of that anyway. My attempt to replace the
> (in practice) very centralized Tokenization concept with a
> (Provider-wise) fully distributed system requires published
> "Authority" objects by Payment providers (banks) and Card processors
> (aka Acquirers).
>
> Authority objects contain the following:
> - An entity signature which can be checked for correctness (like is
>   this acquirer authentic?)
> - Current entity encryption keys
> - A URL for posting transaction requests
>
> Payment providers are supposed to get the applicable Card processor's URL
> through the Merchant's requests. The payment processor in turn uses
> the encryption keys to protect card data when returning the response
> to the Merchant.
>
> {
>   "@context": "http://xmlns.webpki.org/webpay/v1",
>   "@qualifier": "Authority",
>   "authorityUrl": "https://cardprocessor.com/webpay-acquirer/authority",
>   "transactionUrl": "https://cardprocessor.com/webpay-acquirer/acquire",
>   "encryptionParameters":
>     {
>       "dataEncryptionAlgorithm": "A128CBC-HS256",
>       "keyEncryptionAlgorithm": "ECDH-ES",
>       "publicKey":
>         {
>           "type": "EC",
>           "curve": "P-256",
>           "x": "NnHSMo1XizSBAba3pLMLwjpEHTF9E1tVAdWSoOFMI1I",
>           "y": "1GdQEZwRUkFy6m2uaCffDwsAWKnfEP_LqcC9ONcjBbE"
>         }
>     },
>   "timeStamp": "2015-09-13T03:16:59Z",
>   "expires": "2016-09-13T00:00:00Z",
>   "signature":
>     {
>       "algorithm": "ES256",
>       "signerCertificate":
>         {
>           "issuer": "CN=Acquirer Network Sub CA5,C=US",
>           "serialNumber": "1441431165234",
>           "subject": "CN=cardprocessor.com,2.5.4.5=#1306383039393536,C=US"
>         },
>       "certificatePath":
>         [
>           "MIIBvzCCAWOgAwIBAgIGA....V4zaPKWtOj1Cs1AJyVV0A",
>           "MIIDdDCCAVygAwIB....SgxJhJMBY90ltRkY4kTHWqv-"
>         ],
>       "value": "nd_KH6RAavU3qDT8TQd....KpqdPbzypIULjRaAGSqvI1jxQ"
>     }
> }
>
> BTW, try to do this using IETF JOSE and you'll see why JOSE won't make
> it in payments!
>
> WDYT?
>
> Anders

Linked Data means HTTP URIs resolve. Your context uses a URI that doesn't resolve. RDF != XML (where HTTP URIs utility got utterly mangled).

Best you pass your JSON-LD through some verifiers [1][2]

Links:

[1] http://rdf.greggkellogg.net/distiller
[2] http://json-ld.org/playground/ .

--
Regards,

Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Monday, 14 September 2015 21:29:20 UTC
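
An added example, not code from this thread or from the proposal it discusses: checks a payment provider could run on a fetched Authority object of the layout quoted in the message above before using it, covering https endpoints, the timeStamp/expires window, the expected algorithms, and that the EC public key really is a P-256 point before it is fed to ECDH-ES. The names `check_authority` and `on_curve`, the allow-listed algorithm pair, and the sample (whose key is the P-256 base point) are assumptions for illustration; signature and certificate-path verification are not shown.

```python
import base64
from datetime import datetime, timezone
# NIST P-256 parameters (curve coefficient a = -3) and base point G.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5

def b64u(n):  # integer -> 32 bytes of unpadded base64url, as used for "x" and "y"
    return base64.urlsafe_b64encode(n.to_bytes(32, "big")).rstrip(b"=").decode()

def on_curve(key):
    """True if x and y are 32-byte base64url values satisfying the P-256 equation."""
    try:
        raw = [base64.urlsafe_b64decode(key[c] + "=" * (-len(key[c]) % 4)) for c in "xy"]
    except (KeyError, TypeError, ValueError):
        return False
    x, y = (int.from_bytes(r, "big") for r in raw)
    return all(len(r) == 32 for r in raw) and max(x, y) < P and (y * y - x**3 + 3 * x - B) % P == 0

def check_authority(obj, now):
    """Return the problems found; signature verification is a separate, later step."""
    problems = []
    for field in ("authorityUrl", "transactionUrl"):
        if not str(obj.get(field, "")).startswith("https://"):
            problems.append(field + " is not https")
    try:
        start, end = (datetime.strptime(obj[f], "%Y-%m-%dT%H:%M:%S%z") for f in ("timeStamp", "expires"))
        if not start <= now < end:
            problems.append("outside validity window")
    except (KeyError, TypeError, ValueError):
        problems.append("bad timeStamp or expires")
    enc = obj.get("encryptionParameters", {})
    if (enc.get("dataEncryptionAlgorithm"), enc.get("keyEncryptionAlgorithm")) != ("A128CBC-HS256", "ECDH-ES"):
        problems.append("unexpected encryption algorithms")
    key = enc.get("publicKey", {})
    if (key.get("type"), key.get("curve")) != ("EC", "P-256") or not on_curve(key):
        problems.append("publicKey is not a valid P-256 point")
    return problems

# Constructed sample in the layout of the quoted object; the key is the P-256 base point.
SAMPLE = {
    "authorityUrl": "https://cardprocessor.com/webpay-acquirer/authority",
    "transactionUrl": "https://cardprocessor.com/webpay-acquirer/acquire",
    "encryptionParameters": {
        "dataEncryptionAlgorithm": "A128CBC-HS256", "keyEncryptionAlgorithm": "ECDH-ES",
        "publicKey": {"type": "EC", "curve": "P-256", "x": b64u(GX), "y": b64u(GY)}},
    "timeStamp": "2015-09-13T03:16:59Z", "expires": "2016-09-13T00:00:00Z",
}
```

Call `check_authority(obj, datetime.now(timezone.utc))` on the parsed JSON; an empty list means only that these structural checks passed, not that the object is authentic.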