- From: Daniel Buchner <dbuchner@squareup.com>
- Date: Tue, 20 Sep 2022 04:37:09 -0500
- To: Daniel Goldscheider <daniel@goldscheider.com>
- Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, W3C Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAMZRv4coBNjMgQiAMjubvWsMp9Zkt4mF3ExU8DdWz+jD7ghojw@mail.gmail.com>
Hello Daniel 1, Am I reading right that you're already into assembly of a specific stack of select components you're picking rather immediately after announcement of the org? May I ask how one can be at this stage so soon after announcing the org without having a somewhat preconceived set of components in mind? At Block we're curious as to why we may have been excluded from such formative discussions that apparently are already at the stage of component decision, so I'm trying to read the tea leaves a bit here. I guess I'd typically expect a group to reach out very broadly, certainly to big players in the space, before this point, especially given your indication that choices are underway. Are you going to be open to readjudicating these choices as folks actually have a chance to engage and evaluate them, or are you picking a stack now with the intent that anyone beyond the 'in group' who formed the org needs to snap to whatever you selected beforehand? Sorry if the questions I'm posing here are awkward to address, I'm just asking based on the perception I have from our vantage given the circumstance. - Daniel 2 On Tue, Sep 20, 2022, 2:42 AM Daniel Goldscheider <daniel@goldscheider.com> wrote: > Good morning everyone, > > I hope it’s not a breach of netiquette to answer the entire list. > > The aim is to create an open source core that contains many components > like Blink does for browsers with DOM, HTML, CSS, OpenGL, V8, etc. > > OWF will not create new standards and won’t publish its own wallet. > > A lot of companies are involved in the discussions including four credit > card schemes and Microsoft. > > We are currently discussing what protocols to start with and how the > wallet is invoked. If anyone here is interested to weigh in, please email > info@openwallet.foundation or me. > > Have a nice weekend, > > Daniel > > > > > On 17 Sep 2022, at 06:47, Anders Rundgren <anders.rundgren.net@gmail.com> > wrote: > > > https://www.linuxfoundation.org/press/linux-foundation-announces-an-intent-to-form-the-openwallet-foundation > > > > The merits of this proposal is yet to be seen but presumably it builds > on that the wallet is a part of the native platform. This is IMO also the > only solution that can be certified. > > > > Personally, I would though build a wallet around FIDO. The recent > additions to FIDO and its companion standard WebAuthn are simply put > unrealistic to copy. > > > > That using FIDO results in signature schemes that doesn't map directly > to JOSE and COSE is a no-issue compared to the rest. I have succeed using > raw FIDO signatures for payment authorizations with almost no effort at > all: https://github.com/cyberphone/ctap2-sign > > > > Using FIDO (not WebAuthn) a wallet function would constitute of > > Standard FIDO Key + Custom Meta Data + Custom Process > > where the Custom Meta Data also holds a handle (credentialId) to the > associated FIDO key. > > > > However, the problem I have been struggling with like forever remains: > the proper way of invoking a native wallet from the Web [*]. Another issue > which apparently nobody is dealing with, is how to invoke a wallet in the > physical world. Although QR codes work, but they are way less useful than > Apple Pay with NFC. This topic may be out of scope for the W3C but in the > same way as with payments, the market doesn't care :) > > > > Cheers, > > Anders > > > > > > *] Due to the browser tech monopoly, browser innovation is effectively > limited to Google and Apple. Well, Microsoft could play another role since > they have discontinued their Microsoft Wallet. > > >
Received on Tuesday, 20 September 2022 09:37:36 UTC