- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sun, 03 Aug 2014 07:04:50 +0200
- To: Manu Sporny <msporny@digitalbazaar.com>, Web Payments CG <public-webpayments@w3.org>
- CC: "public-webid@w3.org" <public-webid@w3.org>, "public-rww@w3.org" <public-rww@w3.org>
On 2014-08-03 03:24, Manu Sporny wrote:> On 08/02/2014 04:26 PM, Anders Rundgren wrote: >> AWWW is great but the competition in the form of centralized >> super-providers can offer >> >> * Convenience > > Out of your list, this is really the only value-add that a centralized > super-provider can provide. However, this is true for any super-provider > technology that competes with AWWW. I don't see a new argument here, > it's the same one that's been used to argue against the Web since its > inception. > > The other three items either are 1) already being built into the web > platform as we speak, or 2) unnecessary for any of this stuff to become > a success. This is not entirely correct. Mozilla is in fact building new core web-technology for supporting MNO-based payments: https://bugzilla.mozilla.org/show_bug.cgi?id=879861 > * Trusted UI - unnecessary > * Strong user authentication - WebCrypto, U2F > * Secure key storage - U2F If you use U2F you effectively get a trusted UI "for free". What I lack is some kind of write-up showing how U2F can support all *four* qualities mentioned above and that in a distributed fashion. To me this is a fundamental issue and I wouldn't take a single step forward without having resolved it. BTW, I think this would be a very useful "exercise" for the group as well :-) Note: it *may* very well be possible but I just don't see how. > Your argument isn't lost on me, though. Yes, these super-providers are > among the most powerful organizations in the world, yes they have a lot > of money, yes they have armies of engineers. That said, for some reason, > they keep picking to deploy their products on the Web and continue to > contribute to the Web's core architecture. These large organizations > also re-use good Web technologies if it suits their purposes. > > To give you a concrete example, there was no large organization backing > JSON-LD. Almost the entirety of the technical work and standardization > of that technology was done by volunteers (and Digital Bazaar's paid > engineers). We sunk several hundred thousand dollars of our own money > into the standard (a fantastic ROI, considering the uptake of JSON-LD). > > Google, Microsoft, Yahoo!, and Yandex are among the companies that now > use JSON-LD. They use it because it solved a problem for them in an > elegant way. The same could be true for the Web Payments work as well as > the Credentials work. Time will tell, but we've done this before against > worse odds. > > Success depends primarily on making sure the right incentives are in > place for the big players: > > http://community.badvoltage.org/t/1x21-everything-old-is-old-again/2053/30?u=msporny > >> Can a comparatively crippled decentralized web platform without any >> visible big-vendor support really make a change? > > What Kingsley said. The Web platform has done just fine w/o big backers > kicking off new projects. The big-vendor support typically doesn't come > in the beginning, it comes at the end, after the technology is almost > fully baked. I know of a very large number of Web technologies that were > created by individuals or small companies, only later to be picked up by > the technology giants. The giants help the stuff scale, and they do so > out of self-interest. This stuff almost always starts out as a small > initiative run by a few people. > > As for no visible big-vendor support... have you looked at the > participants in the Web Payments Workshop? There are numerous > big-vendors in that list... and some of them have already committed > engineers toward whatever future work we may do: > > http://www.w3.org/2013/10/payments/agenda.html#participants > > I can tell you one thing for certain. No other spec work that I've been > involved in has ever had the sort of support we have going into the Web > Payments and Credentials work. Unfortunately, I can't talk about the big > companies that are committing engineers yet, but you'll see who they are > in time. > > In summary, new Web technology doesn't need a big backer during its > development to be successful. The vast majority of successful > technologies didn't have that sort of support. That said, the Web > Payments and Credential work do have big backers already, and who they > are will become clear after the "official" work begins at the end of > September. > > The big question to you is, what's the alternative? That's a good question! IMO, it depends entirely on what the goal is. For supporting immature markets like BitCoin, I'm sure WebPayments will be quite usable. If you OTOH target the *traditional* payment players I believe you need something that makes them more comparable to the super- providers (which they [rightfully] fear) to ever get any attention. Unfortunately this *extremely divided lot* won't spend a nickel on open projects (if you look back they never have). Microsoft would had been an excellent partner for taking on this market but they seem stuck with their AD-flavored enterprise-version of the Internet. FWIW, I personally continue with with this segment since U2F (in its current incarnation NB...), does not meet the needs of EU and Asian banks who simply wants PKI. Anders > > -- manu >
Received on Sunday, 3 August 2014 05:05:23 UTC