RE: [Payments Architecture] A vision statement for the web payments architecture work

I propose to add privacy in the sentence:
Supports a wide spectrum of security and privacy needs to meet industry
and regulatory expectations.

 

I would also add that the word accessibility be added to the sentence as well, as it also falls under industry and regulatory expectations.

 

 

 

* katie *

 

Katie Haritos-Shea 
Senior Accessibility SME (WCAG/Section 508/ADA/AODA)

 

Cell: 703-371-5545 |  <mailto:ryladog@gmail.com> ryladog@gmail.com | Oakton, VA |  <http://www.linkedin.com/in/katieharitosshea/> LinkedIn Profile | Office: 703-371-5545

 

From: Adrian Hope-Bailie [mailto:adrian@hopebailie.com] 
Sent: Wednesday, May 20, 2015 10:07 AM
To: Kepeng Li
Cc: David Ezell; Ian Jacobs; Manu Sporny; Web Payments IG; Web Payments CG
Subject: Re: [Payments Architecture] A vision statement for the web payments architecture work

 

All suggestions incorporated.

 

On 20 May 2015 at 08:48, Kepeng Li <kepeng.lkp@alibaba-inc.com <mailto:kepeng.lkp@alibaba-inc.com> > wrote:

> Supports a wide spectrum of security needs to meet industry and
>regulatory expectations.


I propose to add privacy in the sentence:
Supports a wide spectrum of security and privacy needs to meet industry
and regulatory expectations.


In the use case document, we have already mentioned some privacy
requirements, and we have also talked about minimizing the exposure of
sensitive information in the subsequent bullets.

Thanks,

Kind Regards

Kepeng Li
Alibaba Group


在 20/5/15 8:25 am, "David Ezell" <David_E3@VERIFONE.com <mailto:David_E3@VERIFONE.com> > 写入:


>That's good.
>
>-----Original Message-----
>From: Ian Jacobs [mailto:ij@w3.org <mailto:ij@w3.org> ]
>Sent: Tuesday, May 19, 2015 8:07 PM
>To: David Ezell
>Cc: Manu Sporny; Web Payments IG; Web Payments CG
>Subject: Re: [Payments Architecture] A vision statement for the web
>payments architecture work
>
>* PGP Signed by an unknown key
>
>
>> On May 19, 2015, at 3:10 PM, David Ezell <David_E3@VERIFONE.com <mailto:David_E3@VERIFONE.com> > wrote:
>>
>> Hi Folks:
>>
>> Ian wrote:
>>> * Supports a wide spectrum of security needs to meet industry and
>>>regulatory expectations.
>>>   To meet regulatory requirements and give people enough confidence to
>>>use the Web for
>>>   payments, the architecture must support a wide spectrum of security
>>>requirements and
>>>   solutions. This includes the ability to encrypt strongly both
>>>sensitive information and the
>>>   channels used to exchange the information, as well as supporting an
>>>evolving variety of
>>>   authentication techniques (multifactor, biometric, etc.). Trust in
>>>the Web of payments
>>>   is critical to its success.
>>
>> Yes, all good.  Gives a list of things that will be included.  Somehow
>>(and there's a lot there already) I think it should say what we will
>>attempt >not< to require.
>> Perhaps a second bullet for clarity:
>> "* Minimizes (eliminates?) reliance on Personally Identifiable
>>Information (PII) to fulfill any requirements.”
>
>How about:
>
>* Supports a wide spectrum of security needs to meet industry and
>regulatory expectations.
>   Trust in the Web of payments is critical to its success.
>   To meet regulatory requirements and give people confidence to use the
>Web for
>   payments, the architecture must support a wide spectrum of security
>requirements and
>   solutions. This includes minimizing what sensitive information is
>shared as well as the ability
>   to encrypt that information (both in transit and when stored). The
>architecture will also need
>   to support an evolving variety of authentication techniques
>(multifactor, biometric, etc.).
>
>Ian
>
>--
>Ian Jacobs <ij@w3.org <mailto:ij@w3.org> >      http://www.w3.org/People/Jacobs
>Tel:                       +1 718 260 9447 <tel:%2B1%20718%20260%209447> 
>
>
>
>
>* Unknown Key
>* 0x0ECB09CB
>________________________________
>This electronic message, including attachments, is intended only for the
>use of the individual or company named above or to which it is addressed.
>The information contained in this message shall be considered
>confidential and proprietary, and may include confidential work product.
>If you are not the intended recipient, please be aware that any
>unauthorized use, dissemination, distribution or copying of this message
>is strictly prohibited. If you have received this email in error, please
>notify the sender by replying to this message and deleting this email
>immediately.




 

Received on Wednesday, 20 May 2015 15:39:48 UTC