- From: Adrian Hope-Bailie <adrian@hopebailie.com>
- Date: Tue, 19 May 2015 20:02:14 +0200
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Web Payments IG <public-webpayments-ig@w3.org>, Web Payments CG <public-webpayments@w3.org>
- Message-ID: <CA+eFz_JHOxaA+RuOXhb2S1sXusJ=3qyOCBGr3MvWoixLaj4UMg@mail.gmail.com>
The current drive to migrate the whole Web to HTTPS suggests you may have a number of people that disagree with you. Personally I think some mention of security is necessary but if there is a consensus that it is not I'll happily drop it.

On 19 May 2015 at 12:18, Melvin Carvalho <melvincarvalho@gmail.com> wrote:

> On 19 May 2015 at 11:46, Adrian Hope-Bailie <adrian@hopebailie.com> wrote:
>
>> All true, however the architecture should assume that we will secure
>> basic things like message content and sensitive data and credentials and...
>
> IMHO, Not at the architectural level, no. Tools should be provided so
> that security can be used when necessary. If the web had started with
> HTTPS it may never have taken off. It's all too common especially lately
> for security to be over engineered creating barriers to participation. If
> email was secure by design, it may never have taken off too.
>
>> I think the statement "Secure by design" says enough without saying too
>> much don't you?
>
> I would personally leave it out, and have security considerations inside
> each individual spec, as is common.
>
>> On 19 May 2015 at 11:33, Melvin Carvalho <melvincarvalho@gmail.com>
>> wrote:
>>
>>> On 19 May 2015 at 11:08, Adrian Hope-Bailie <adrian@hopebailie.com>
>>> wrote:
>>>
>>>> Hi Melvin,
>>>>
>>>> Are you referring to this line:
>>>> * Secure by design
>>>
>>> Yes
>>>
>>>> I agree with what you're saying but I don't think it's necessary to
>>>> strip this statement out completely. I think it's important that we state
>>>> that the design is intended to promote security, however that ultimately
>>>> translates into the implementation.
>>>>
>>>> Do you have a suggestion for an alternative wording?
>>>
>>> I don't. I envision web payments ecosystem to be self healing,
>>> decentralized and fault tolerant. It's quite difficult to put that into a
>>> vision statement, because highly connected, scale invariant systems, tend
>>> to be self organizing. For example, when dealing with family members, you
>>> may need low security, but when buying health insurance, higher security.
>>>
>>>> On 19 May 2015 at 08:58, Melvin Carvalho <melvincarvalho@gmail.com>
>>>> wrote:
>>>>
>>>>> On 18 May 2015 at 14:58, Adrian Hope-Bailie <adrian@hopebailie.com>
>>>>> wrote:
>>>>>
>>>>>> The IG are trying to finalize a short vision statement for the work
>>>>>> we are undertaking, specifically with regards to the architecture we will
>>>>>> be developing, for payments on the Web.
>>>>>>
>>>>>> The document is intended to express the technical principles we
>>>>>> consider important in the design of the architecture and I'd appreciate
>>>>>> some input on its content.
>>>>>>
>>>>>> The document is also intended to be short, less than a page, and as
>>>>>> such not too detailed. Its purpose is to frame the design and allow all
>>>>>> stakeholders to agree up front that we are aligned on our vision.
>>>>>>
>>>>>> The audience should be broad, and not necessarily payments or Web
>>>>>> technology experts, but since this is related to the design of a technical
>>>>>> architecture the content will be technical.
>>>>>>
>>>>>> Please have a look at the first draft of this document and send me
>>>>>> your feedback.
>>>>>>
>>>>>> https://www.w3.org/Payments/IG/wiki/Payment_Agent_Task_Force/Vision
>>>>>
>>>>> Personally I would scratch the part on security. Not because I don't
>>>>> value security, but because it's quite a subjective term. Satoshi said, "A
>>>>> certain percentage of fraud is accepted as unavoidable". I prefer that
>>>>> kind of wording. Also, security can come at the expense of growth and
>>>>> scalability. The value proposition of the web is not as a secure system,
>>>>> much like the post office, telephone or email, but rather, as a highly
>>>>> connected self organizing system capable of unexpected reuse. Systems like
>>>>> bitcoin and ripple are relatively secure but don't scale too well, systems
>>>>> like the web are relatively insecure but scale well. What we have tended
>>>>> to notice with large systems is that security increases with scale.
>>>>>
>>>>>> Thanks,
>>>>>> Adrian
>>>>>>
>>>>>> p.s. Thanks Ian Jacobs for the initial work in getting this started.

Received on Tuesday, 19 May 2015 18:02:47 UTC