W3C home > Mailing lists > Public > public-webpayments@w3.org > May 2013

Re: First draft of Browser Payments 1.0 spec published

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sun, 12 May 2013 22:43:16 -0400
Message-ID: <51905344.1050600@digitalbazaar.com>
To: public-webpayments@w3.org
On 05/11/2013 02:40 PM, Kingsley Idehen wrote:
>> Ultimately, if you are going to have identity on the web, you have
>> to trust the server running the software. :)
>> 
> No, the problem remains accepting that references (URIs) as native
> types on the Web means relations (sentences, statements,
> propositions, claims) implies we have logic as the conceptual schema.
> You don't have to trust any software at all, you just have to make a
> judgement about inferences drawn from the logic in the relations.
> 
> It doesn't matter how many machines touch a resolvable URI that
> denotes an Agent. What's important is the ability to make sense of
> the description graph that's unveiled.

My point was that if you publish your identity and public keys on a
server, and that server is compromised such that they can add any public
key to your identity, they can then digitally sign anything on your behalf.

If you are running software to do something, you have to trust that the
software is going to do what you tell it to.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Meritora - Web payments commercial launch
http://blog.meritora.com/launch/
Received on Monday, 13 May 2013 02:43:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:23 UTC