W3C home > Mailing lists > Public > public-interledger@w3.org > February 2016

Re: Registry Services [via Interledger Payments Community Group]

From: stéphane canon <stephane.canon@scarlet.be>
Date: Thu, 11 Feb 2016 17:27:22 +0100
Cc: Interledger Community Group <public-interledger@w3.org>
Message-Id: <5C4B7C70-4431-474E-BD75-59FF6CEC6026@scarlet.be>
To: Stefan Thomas <stefan@ripple.com>
It’s going to take me some time to digest all information in the few mails exchanged so far. Let’s first make a distinction between Identifier and Identity.

Identity: OpenId is indeed a good reference for Identity management.
Identifier: it is not just something that needs to be typed or clicked. It is something to be exchanged with potential payers. 
So, myAddress@myLedger would be fine if myLedger is the domain where myAddress is defined. It would help to have a registry of « ledger » but there are probably multiple solutions.
There are some additional requirements to be taken into account:
it might be convenient to use a « proxy » identifier such as an email, but I might have more accounts than email addresses.
Mobile number is used in some countries (UK PAYM). Same problem.
The « proxy » identifier need to be resolved to something unique.
in some cases, more security is needed and some form of tokenization might help. This is the case with Credit/Debit card number that can be used to instruct payments.
… 
Next, let’s try to clarify the value of « directory service » for Interledger. Can IPL have any kind of impact without this and without integrating the « legacy/existing » financial ecosystem (where we are all getting paid) ?

Stephane






> Le 11 févr. 2016 à 03:21, Stefan Thomas <stefan@ripple.com> a écrit :
> 
> Here are my two cents on the identifier issue:
> 
> Right now in the ILP prototype, destinations are expressed as URIs. From OpenID we know that exposing the user to URIs as identifiers was a terrible user experience that users strongly reject.
> 
> At Ripple we used to have identifiers like this: rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh and we introduced Ripple names which look like this: ~bob (pronounced "ripple Bob")
> 
> This might look reminiscent of Twitter usernames (@bob) or Square cashtags ($bob), which is no coincidence - the colleague <https://angel.co/gregkidd> who strongly advocated for these names at Ripple was also a first round investor in Twitter and an advisor at Square.
> 
> The lesson I took away from that whole experience was that creating a namespace like that without a central operator is hard. Namecoin is trying to do it, we were trying to do it, I'm strongly against making either effort a dependency of Interledger.
> 
> That leaves the "next best thing" which is federated identifiers. [username]@[domain.com <http://domain.com/>] Email uses them, OpenID Connect adopted them in their OpenID Connect Discovery spec <https://openid.net/specs/openid-connect-discovery-1_0.html>. Ripple used them as a hack <https://wiki.ripple.com/Federation_protocol> while we were working on Ripple names. They were extremely easy to build, developers had an easy enough time adopting them, they are the most decentralized thing that is actually production-ready and users have an ok time using them.
> 
> Identity is very hard and I applaud anyone who is working to create better solutions. But I've learned not to make a new identity protocol a dependency of your new payments protocol.
> 
> For any peer-to-peer payment solution on top of Interledger *today* that requires an identifier, I would recommend an [account]@[ledger domain] looking thing, e.g. bob@superpay.com <mailto:bob@superpay.com> which resolves to an ILP URI via webfinger. With any luck the scheme will get popular enough such that email providers let you set a wallet provider and your actual bob@gmail.com <mailto:bob@gmail.com> email address will redirect to your wallet. I'm fully aware of the awesome work that Manu Sporny, Mozilla (Persona) and many others have been doing on a scheme that doesn't require cooperation from the domain holder (Gmail in this case), but I don't think those efforts are production-ready today. The same goes for decentralized identity networks like Namecoin and identi.fi <http://identi.fi/>.
> 
> If you disagree, you don't have to convince me or anyone else, you just have to build a prototype of a protocol on top of ILP using whatever identifier you think is better. Once we have both options implemented, it'll be easier to decide which one we like.
> 
> On Wed, Feb 10, 2016 at 3:48 AM, W3C Community Development Team <team-community-process@w3.org <mailto:team-community-process@w3.org>> wrote:
> Hello,
> 
> Are there discussions around registry services ? I assume to handle transactions
> across ledger, one needs to identify the addresses and the ledgers. To interface
> with existing ledgers, we would need account number, servicing bank identifier
> ...
> 
> Thanks,
> 
> Stephane
> 
> 
> 
> ----------
> 
> This post sent on Interledger Payments Community Group
> 
> 
> 
> 'Registry Services'
> 
> https://www.w3.org/community/interledger/2016/02/10/registry-services/ <https://www.w3.org/community/interledger/2016/02/10/registry-services/>
> 
> 
> 
> Learn more about the Interledger Payments Community Group:
> 
> https://www.w3.org/community/interledger <https://www.w3.org/community/interledger>
> 
> 
> 
> 
Received on Saturday, 13 February 2016 10:49:22 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 13 February 2016 10:49:23 UTC