- From: Adrian Hope-Bailie <adrian@hopebailie.com>
- Date: Wed, 20 May 2015 16:07:18 +0200
- To: Kepeng Li <kepeng.lkp@alibaba-inc.com>
- Cc: David Ezell <David_E3@verifone.com>, Ian Jacobs <ij@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Web Payments IG <public-webpayments-ig@w3.org>, Web Payments CG <public-webpayments@w3.org>
- Message-ID: <CA+eFz_J=N2X0oJRtmn9OEmq10mYss5bfgJxyZHMwjKoWpg5nsQ@mail.gmail.com>
All suggestions incorporated. On 20 May 2015 at 08:48, Kepeng Li <kepeng.lkp@alibaba-inc.com> wrote: > > Supports a wide spectrum of security needs to meet industry and > >regulatory expectations. > > > I propose to add privacy in the sentence: > Supports a wide spectrum of security and privacy needs to meet industry > and regulatory expectations. > > > In the use case document, we have already mentioned some privacy > requirements, and we have also talked about minimizing the exposure of > sensitive information in the subsequent bullets. > > Thanks, > > Kind Regards > > Kepeng Li > Alibaba Group > > > 在 20/5/15 8:25 am, "David Ezell" <David_E3@VERIFONE.com> 写入: > > >That's good. > > > >-----Original Message----- > >From: Ian Jacobs [mailto:ij@w3.org] > >Sent: Tuesday, May 19, 2015 8:07 PM > >To: David Ezell > >Cc: Manu Sporny; Web Payments IG; Web Payments CG > >Subject: Re: [Payments Architecture] A vision statement for the web > >payments architecture work > > > >* PGP Signed by an unknown key > > > > > >> On May 19, 2015, at 3:10 PM, David Ezell <David_E3@VERIFONE.com> wrote: > >> > >> Hi Folks: > >> > >> Ian wrote: > >>> * Supports a wide spectrum of security needs to meet industry and > >>>regulatory expectations. > >>> To meet regulatory requirements and give people enough confidence to > >>>use the Web for > >>> payments, the architecture must support a wide spectrum of security > >>>requirements and > >>> solutions. This includes the ability to encrypt strongly both > >>>sensitive information and the > >>> channels used to exchange the information, as well as supporting an > >>>evolving variety of > >>> authentication techniques (multifactor, biometric, etc.). Trust in > >>>the Web of payments > >>> is critical to its success. > >> > >> Yes, all good. Gives a list of things that will be included. Somehow > >>(and there's a lot there already) I think it should say what we will > >>attempt >not< to require. > >> Perhaps a second bullet for clarity: > >> "* Minimizes (eliminates?) reliance on Personally Identifiable > >>Information (PII) to fulfill any requirements.” > > > >How about: > > > >* Supports a wide spectrum of security needs to meet industry and > >regulatory expectations. > > Trust in the Web of payments is critical to its success. > > To meet regulatory requirements and give people confidence to use the > >Web for > > payments, the architecture must support a wide spectrum of security > >requirements and > > solutions. This includes minimizing what sensitive information is > >shared as well as the ability > > to encrypt that information (both in transit and when stored). The > >architecture will also need > > to support an evolving variety of authentication techniques > >(multifactor, biometric, etc.). > > > >Ian > > > >-- > >Ian Jacobs <ij@w3.org> http://www.w3.org/People/Jacobs > >Tel: +1 718 260 9447 > > > > > > > > > >* Unknown Key > >* 0x0ECB09CB > >________________________________ > >This electronic message, including attachments, is intended only for the > >use of the individual or company named above or to which it is addressed. > >The information contained in this message shall be considered > >confidential and proprietary, and may include confidential work product. > >If you are not the intended recipient, please be aware that any > >unauthorized use, dissemination, distribution or copying of this message > >is strictly prohibited. If you have received this email in error, please > >notify the sender by replying to this message and deleting this email > >immediately. > > > >
Received on Wednesday, 20 May 2015 14:07:50 UTC