- From: Daniel Buchner <dbuchner@squareup.com>
- Date: Tue, 20 Sep 2022 05:01:48 -0500
- To: Kaliya Identity Woman <kaliya@identitywoman.net>
- Cc: Daniel Goldscheider <daniel@goldscheider.com>, Anders Rundgren <anders.rundgren.net@gmail.com>, W3C Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAMZRv4cmP2ThLvnKXAaWDkrBf3AWw3a-=E-Szcj5n80yCujS8A@mail.gmail.com>
Hey Kaliya, sure, happy to connect with you and the folks you alluded to. However, I do want Other Daniel to answer the questions I asked for the benefit of everyone here, because the way this is being pushed out is a significant concern for anyone who reads that component selection is underway days after an announcement of an org they were not looped into beforehand. I am not accusing anyone of anything, I'm just noting the obvious 'bang bang' nature of this and wondering what I am supposed to think, do, and take away from it. - This Daniel On Tue, Sep 20, 2022, 4:50 AM Kaliya Identity Woman < kaliya@identitywoman.net> wrote: > It isn’t “mine” but I know the people working on it. > > Do you want to be connected? > > > > Sent from my iPhone > > On Sep 20, 2022, at 10:39 AM, Daniel Buchner <dbuchner@squareup.com> > wrote: > > > Hello Daniel 1, > > Am I reading right that you're already into assembly of a specific stack > of select components you're picking rather immediately after announcement > of the org? May I ask how one can be at this stage so soon after announcing > the org without having a somewhat preconceived set of components in mind? > > At Block we're curious as to why we may have been excluded from such > formative discussions that apparently are already at the stage of component > decision, so I'm trying to read the tea leaves a bit here. I guess I'd > typically expect a group to reach out very broadly, certainly to big > players in the space, before this point, especially given your indication > that choices are underway. > > Are you going to be open to readjudicating these choices as folks actually > have a chance to engage and evaluate them, or are you picking a stack now > with the intent that anyone beyond the 'in group' who formed the org needs > to snap to whatever you selected beforehand? > > Sorry if the questions I'm posing here are awkward to address, I'm just > asking based on the perception I have from our vantage given the > circumstance. > > - Daniel 2 > > On Tue, Sep 20, 2022, 2:42 AM Daniel Goldscheider <daniel@goldscheider.com> > wrote: > >> Good morning everyone, >> >> I hope it’s not a breach of netiquette to answer the entire list. >> >> The aim is to create an open source core that contains many components >> like Blink does for browsers with DOM, HTML, CSS, OpenGL, V8, etc. >> >> OWF will not create new standards and won’t publish its own wallet. >> >> A lot of companies are involved in the discussions including four credit >> card schemes and Microsoft. >> >> We are currently discussing what protocols to start with and how the >> wallet is invoked. If anyone here is interested to weigh in, please email >> info@openwallet.foundation or me. >> >> Have a nice weekend, >> >> Daniel >> >> >> >> > On 17 Sep 2022, at 06:47, Anders Rundgren < >> anders.rundgren.net@gmail.com> wrote: >> > >> https://www.linuxfoundation.org/press/linux-foundation-announces-an-intent-to-form-the-openwallet-foundation >> > >> > The merits of this proposal is yet to be seen but presumably it builds >> on that the wallet is a part of the native platform. This is IMO also the >> only solution that can be certified. >> > >> > Personally, I would though build a wallet around FIDO. The recent >> additions to FIDO and its companion standard WebAuthn are simply put >> unrealistic to copy. >> > >> > That using FIDO results in signature schemes that doesn't map directly >> to JOSE and COSE is a no-issue compared to the rest. I have succeed using >> raw FIDO signatures for payment authorizations with almost no effort at >> all: https://github.com/cyberphone/ctap2-sign >> > >> > Using FIDO (not WebAuthn) a wallet function would constitute of >> > Standard FIDO Key + Custom Meta Data + Custom Process >> > where the Custom Meta Data also holds a handle (credentialId) to the >> associated FIDO key. >> > >> > However, the problem I have been struggling with like forever remains: >> the proper way of invoking a native wallet from the Web [*]. Another issue >> which apparently nobody is dealing with, is how to invoke a wallet in the >> physical world. Although QR codes work, but they are way less useful than >> Apple Pay with NFC. This topic may be out of scope for the W3C but in the >> same way as with payments, the market doesn't care :) >> > >> > Cheers, >> > Anders >> > >> > >> > *] Due to the browser tech monopoly, browser innovation is effectively >> limited to Google and Apple. Well, Microsoft could play another role since >> they have discontinued their Microsoft Wallet. >> >> >>
Received on Tuesday, 20 September 2022 10:02:15 UTC