Re: Registry Services [via Interledger Payments Community Group]

On 11 February 2016 at 17:27, stéphane canon <stephane.canon@scarlet.be>
wrote:

> It’s going to take me some time to digest all information in the few mails
> exchanged so far. Let’s first make a distinction between Identifier and
> Identity.
>

Good idea


>
> Identity: OpenId is indeed a good reference for Identity management.
>

Not really.  The original OpenID (codename yadis) was excellent, but it
suffered from feature bloat and politics over the years.  It's worth
understanding.  If openid had gone the right path, or kept to its original
vision, we probably would have this problem solved by now.


> Identifier: it is not just something that needs to be typed or clicked. It
> is something to be exchanged with potential payers.
>

It can be all of those things.  It's a string of characters that denotes
something.  Like a word or a name.  That thing denoted is usually what we
call an "Agent" meaning a person or robot, that kind of thing.


> So, myAddress@myLedger would be fine if myLedger is the domain where
> myAddress is defined.
>

Not really.  This is a local identifer with limited use on a global scale.
A machine doesnt really know what to do with it, unless by good fortune it
finds other identifers similar and has some instructions.  Getting those
instructions to lots of machines is the challenge to grow the network.
OTOH if you use URIs machines can understand this already.


> It would help to have a registry of « ledger » but there are probably
> multiple solutions.
>

yes


> There are some additional requirements to be taken into account:
>
>    - it might be convenient to use a « proxy » identifier such as an
>    email, but I might have more accounts than email addresses.
>
> yes, what is referred to in the architecture of the world wide web as an
"indirect identifier"


>
>    - Mobile number is used in some countries (UK PAYM). Same problem.
>
> yes but thats ok, people can have more than one account

>
>    - The « proxy » identifier need to be resolved to something unique.
>
>
yes, but luckily one very widely used system has a built in resolver,
namely http (ie the web)

>
>    - in some cases, more security is needed and some form of tokenization
>    might help. This is the case with Credit/Debit card number that can be used
>    to instruct payments.
>
>
Sort of yes.  Here the identifier is also the password.

>
>    - …
>
> Next, let’s try to clarify the value of « directory service » for
> Interledger. Can IPL have any kind of impact without this and without
> integrating the « legacy/existing » financial ecosystem (where we are all
> getting paid) ?
>

It can.  But integrating existing sources grows the network, which leads to
greater impact.  It would probably be safe to assume this is the path of
least resistance.


>
> Stephane
>
>
>
>
>
>
> Le 11 févr. 2016 à 03:21, Stefan Thomas <stefan@ripple.com> a écrit :
>
> Here are my two cents on the identifier issue:
>
> Right now in the ILP prototype, destinations are expressed as URIs. From
> OpenID we know that exposing the user to URIs as identifiers was a terrible
> user experience that users strongly reject.
>
> At Ripple we used to have identifiers like
> this: rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh and we introduced Ripple names
> which look like this: ~bob (pronounced "ripple Bob")
>
> This might look reminiscent of Twitter usernames (@bob) or Square cashtags
> ($bob), which is no coincidence - the colleague
> <https://angel.co/gregkidd> who strongly advocated for these names at
> Ripple was also a first round investor in Twitter and an advisor at Square.
>
> The lesson I took away from that whole experience was that creating a
> namespace like that without a central operator is hard. Namecoin is trying
> to do it, we were trying to do it, I'm strongly against making either
> effort a dependency of Interledger.
>
> That leaves the "next best thing" which is federated identifiers.
> [username]@[domain.com] Email uses them, OpenID Connect adopted them in
> their OpenID Connect Discovery spec
> <https://openid.net/specs/openid-connect-discovery-1_0.html>. Ripple used
> them as a hack <https://wiki.ripple.com/Federation_protocol> while we
> were working on Ripple names. They were extremely easy to build, developers
> had an easy enough time adopting them, they are the most decentralized
> thing that is actually production-ready and users have an ok time using
> them.
>
> Identity is very hard and I applaud anyone who is working to create better
> solutions. But I've learned not to make a new identity protocol a
> dependency of your new payments protocol.
>
> For any peer-to-peer payment solution on top of Interledger *today* that
> requires an identifier, I would recommend an [account]@[ledger domain]
> looking thing, e.g. bob@superpay.com which resolves to an ILP URI via
> webfinger. With any luck the scheme will get popular enough such that email
> providers let you set a wallet provider and your actual bob@gmail.com
> email address will redirect to your wallet. I'm fully aware of the awesome
> work that Manu Sporny, Mozilla (Persona) and many others have been doing on
> a scheme that doesn't require cooperation from the domain holder (Gmail in
> this case), but I don't think those efforts are production-ready today. The
> same goes for decentralized identity networks like Namecoin and identi.fi.
>
> If you disagree, you don't have to convince me or anyone else, you just
> have to build a prototype of a protocol on top of ILP using whatever
> identifier you think is better. Once we have both options implemented,
> it'll be easier to decide which one we like.
>
> On Wed, Feb 10, 2016 at 3:48 AM, W3C Community Development Team <
> team-community-process@w3.org> wrote:
>
>> Hello,
>>
>> Are there discussions around registry services ? I assume to handle
>> transactions
>> across ledger, one needs to identify the addresses and the ledgers. To
>> interface
>> with existing ledgers, we would need account number, servicing bank
>> identifier
>> ....
>>
>> Thanks,
>>
>> Stephane
>>
>>
>>
>> ----------
>>
>> This post sent on Interledger Payments Community Group
>>
>>
>>
>> 'Registry Services'
>>
>> https://www.w3.org/community/interledger/2016/02/10/registry-services/
>>
>>
>>
>> Learn more about the Interledger Payments Community Group:
>>
>> https://www.w3.org/community/interledger
>>
>>
>>
>>
>
>

Received on Saturday, 13 February 2016 12:37:00 UTC