- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 09 Oct 2013 14:06:33 -0400
- To: Web Payments <public-webpayments@w3.org>
Thanks to Dave Longley for scribing today! The minutes for this
week's Web Payments telecon are now available here:
https://payswarm.com/minutes/2013-10-09/
Full text of the discussion follows for archival purposes at the W3C.
Audio of the meeting is available as well (link provided below).
--------------
Web Payments Community Group Telecon Minutes for 2013-10-09
Agenda:
http://lists.w3.org/Archives/Public/public-webpayments/2013Oct/0026.html
Topics:
1. Web Payments Face-to-Face meetings
2. Identity, Payments, and Persona
3. Web Payments Technical Specifications Strategy
Action Items:
1. Create a Web Payments policy document that outlines the
sort of technology that should be created by the Web Payments
group.
Chair:
Manu Sporny
Scribe:
Dave Longley
Present:
Dave Longley, Manu Sporny, Pindar Wong, David I. Lehn, Madhu Nott
Audio:
http://payswarm.com/minutes/2013-10-09/audio.ogg
Dave Longley is scribing.
Manu Sporny: I had a discussion with Lloyd from Mozilla Persona
this morning about how we could leverage persona. We now have a
way of achieving what we want through persona, he verified a
number of things we needing him to verify, we can go over that
discussion later on.
Topic: Web Payments Face-to-Face meetings
Manu Sporny: we have a number of Web Payments meetings happening
around the world
Manu Sporny: Upcoming Web Payments Face-to-Face meetings will be
in:
Manu Sporny: Bay Area (Palo Alto, Mountain View, San Francisco)
Manu Sporny: Bali (Internet Governance Forum)
Manu Sporny: Hong Kong (Multinational Banks and Tech Sector)
Manu Sporny: Shenzen (W3C Technical Plenary)
Manu Sporny: next week I'm traveling to the SF bay area, I'm
doing a presentation at Google to the Chrome, Google Wallet, and
requestautocomplete teams
Manu Sporny: https://payswarm.com/slides/2013/google-webpayments/
Manu Sporny: that slide deck will likely change based on
feedback from their payments team before i get there
Manu Sporny: i'm also doing a bay area node.js meetup
Manu Sporny: specifically, the talk i'm giving is on linked
data, RDFa and JSON-LD
Manu Sporny: later on in the week we're going to be talking with
some other companies that don't want to be named publicly yet,
fairly large tech companies
Manu Sporny: after the bay area i'm flying out to Bali to meet
pindar at the IGF
Manu Sporny: and try and represent the web payments work that's
being done here
Pindar Wong: the objective is to raise awareness of the group
and get others to participate where relevant, the taxation
element is appearing a lot more in my conversations with bankers
here in hong kong, it's more an outreach effort to make
governments aware that this work is happening and one aspect that
is to understand the future of mobile payments and where this
group may fit in, and to understand how to tax how the various
txns may occur there
Manu Sporny: we have thought about the taxation aspects ... it's
built into the payswarm protocol, depending on the country, etc.
the payswarm payment processor can handle the taxes based on
where the sender is, receiver is, etc.
Pindar Wong: i think that's very attractive to hear and that's
not an area that we typically harp on about but in this case it's
a very nice feature set to mention
Manu Sporny: you think it would be helpful to mention that in
bali?
Pindar Wong: absolutely
Pindar Wong: a lot of peopel have no idea how to deal with the
taxation aspect
Manu Sporny: the mobile based stuff, a lot of people are saying
there is no mobile web, it's just the web, the protocol works
over mobile devices just like any other computer, which means the
payswarm protocol taxation features work just the same over
tablets, mobile devices, desktop, doesn't matter
Pindar Wong: exactly, great
Manu Sporny: next we'll be going to hong kong
Manu Sporny: pindar has set up multiple meetings with banks/tech
sector companies over 2 weeks while i'm there
Manu Sporny: i should also point out that pindar has been
incredibly generous with his time and resources to make sure we
can go over to bali and hong kong to make this happen, it's
greatly appreciated
Pindar Wong: sure it's my pleasure, i'm trying to move the ball
forward, to add one aspect, the HK meetings ... i sent the
approx. time for public meetings, there will be some private
ones, managing expectations from the financial regulators is one
of the strategic aims and goals, dealing with money laundering,
etc. it's early stage, it's probably a multiple year commitment,
it's good to start off on the right foot,
Manu Sporny: we've made a breakthrough with the KYC stuff with
persona this morning i believe
Manu Sporny: yes, talking to regulators is incredibly important
and they aren't represented in the web payments group and it's
been difficult to get meetings with them, if you can organize
meetings for that, pindar, it would be very very helpful
Manu Sporny: at the end of the HK visit i'm going to Shenzen to
the W3C technical plenary
Manu Sporny: we'll be telling everyoen about the web payments
work and the workshop in paris in 2014
Manu Sporny: the purpose of the workshop is to determine if the
w3c should create a working group (made up of the w3c companies
like bloomberg, mozilla, etc.) for web payments, ideally you get
4 large companies that want to back the working group
Manu Sporny: or 10 small companies
Manu Sporny: it's clear that payments is a very interesting area
taht these companies care about, it's just not clear what the
exact technical work that the working group would take up,
payswarm, identity, etc.
Manu Sporny: this meeting will also be used to talk to all other
groups that affect the web payments work
Manu Sporny: for example the Web Crypto group will be working on
tech that affects what we do, it helps making web payments easier
to do and more secure, we have people from the sysapps group
working on NFC and that would allow us to do like pay with your
mobile phone through a web browser to an NFC device at a checkout
kiosk, pay for movie ticket, groceries, etc. or just transfer
money by tapping phones together
Manu Sporny: so work at the technical plenary will be to join
that group and make sure they have the web payments use cases in
mind when they are creating these technologies
Manu Sporny: aside from that there are other publishing groups
there and meeting various other people, GSM association there,
giving everynoe an update, giving a presentation on what we've
been able to accomplish this year on web payments is all on the
agenda, after shenzen is coming back to the states
Manu Sporny: next is the web payments workshop which is in nov
Topic: Identity, Payments, and Persona
Manu Sporny: https://payswarm.com/minutes/2013-09-25/#topic-5
Manu Sporny: chatted with lloyd@mozilla, head of persona team
Manu Sporny: this morning, continuation of discussion from 2
weeks ago, core here has to do with creating an identity
mechanism for the web that is also useful to banks, financial,
and govt institutions
Manu Sporny: the idea is having an identity on the web that is
capable of asserting that you are a citizen of a particular
country, you are a certain age, live at a certain address, etc.
all these things can be tacked onto this identity
Manu Sporny: the payswarm work has a rough spec for what this
would look like, and what we didn't know until this morning was
if we could integrate web payments identity with mozilla persona
Manu Sporny: for example, mozilla persona is meant to be email
identity mechanism, simple, built into the browser
Manu Sporny: all it does is provide website you're logging into
with a verified email address, website doesn't have to verify
your email address anymore, you just click to log in with your
email address on a website and the website now knows the email
address is valid and have an identifier for you
Manu Sporny: the missing piece was the ability for the persona
assertion, so when you have an identity provider like google,
meritora, or payswarm and you can use an assertion that says this
email address is real and belongs to the person holding this
document
Manu Sporny: the missing piece is being able to specify the
payment processor for that identity or who controls that persons
address/govt issued information/who is the gatekeeper for that
info
Manu Sporny: i talked with lloyd and we hammered out a rough
plan for how to integrate with the web payments id mechanism
Manu Sporny: the payswarm authority would become a persona
identity provider
Manu Sporny: dave@meritora.com or dave@paypal.com
Manu Sporny: so payswarm authority would give you an email
address
Manu Sporny: when you log into a website you'd select that
identity
Manu Sporny: when that assertion is sent to that website, it
would not only contain your email address but also your web
payments identity information
Manu Sporny: so, something like - paymentIdentity:
"https://dev.payswarm.com/i/manu"
Manu Sporny: that URL would be injected into the assertion, and
the website can then bootstrap the rest of the process
Manu Sporny: the website can hit that URL and retrieve the
person's govt issue ID info, SSN, whatever that person permits
Manu Sporny: lloyd felt that it was the best way to extend
persona, it doesn't require much work for them, they are happy
with us being the canary in the mine proving that this can be
done
David I. Lehn: what's the access control information for that?
Manu Sporny: we'd have access control stuff that mirrors how we
do it for payments right now
Manu Sporny: so if a website wanted to get your shipping address
they would make a request to the payswarm payment processor and
then the processor would say access denied and say the user has
to authorize you, then a pop up would show that the website wants
certain information and the user has to say yes
Manu Sporny: and then that information is sent to the vendor's
website
Manu Sporny: the vendor's request would just include what they
want using a JSON-LD message
Manu Sporny: does that answer your question?
David I. Lehn: yeah, there are a lot of details there, but yeah
Manu Sporny: yeah, the Read-Write-Web group are working on this
problem too
Manu Sporny: the persona people care a lot about this problem
too but don't have spare cycles to work on it, he was very
apologetic for not having more resources
Manu Sporny: there are multiple other groups that care about
this problem and are working on it as well
Manu Sporny: so we'll have some help and coordination
Topic: Web Payments Technical Specifications Strategy
Manu Sporny: some people haev been pinging me off line saying it
seems like the group has been fairly scattered in its discussion,
talking about bitcoin, philosophy of payments, DRM and
censorship, meanwhile we have mozpay and payswarm and discussions
around the world with banks, financial institutions and tech
companies, to anyone who just joined the group it seems like a
wall of information
Manu Sporny: they are being hit with and it's raising the
question, where is the group going to focus its time ...
Manu Sporny: is it going to be a lot of discussions where we
pick something out of the soup or do we have a clear technical
path
Manu Sporny: this is going to be an issue when we try to create
the working group
Manu Sporny: the question that will be asked is "what is the
technical output of this group going to be?"
Manu Sporny: we won't get a group until we have a clear answer
for that
Manu Sporny: we could start this conversation off by talking
about the things that are more or less done or could be
standardized soon
Manu Sporny: so let me get some of the specs up here
Manu Sporny: in general, there are specs that are going through
that would go through without the web payments group, RDFa is
already a REC, it's done, and we use RDFa to express products for
sale on the Web, that work started in 2004 and we were done in
2008 and a new version was published just this year 2012-2013:
http://www.w3.org/TR/rdfa-core/
Manu Sporny: http://www.w3.org/TR/html-rdfa/
Manu Sporny: JSON-LD is the technology we use for the financial
messaging: http://www.w3.org/TR/json-ld/
Manu Sporny: we have 6 implementations with 5 that pass all
tests
Manu Sporny: other implementations are out there that are
limited
Manu Sporny: we are trying to get the spec out this year but
some process stuff is getting in the way
Manu Sporny: so for the payswarm and mozpay stuff we have
prereqs out there
Manu Sporny: at the end of the mozpay discussions it was
sounding like they wanted to use JSON-LD
Manu Sporny: it sounds like, for the future of the web, it looks
like JSON-LD is the messaging format
Manu Sporny: it seems like JSON-LD is favored
Manu Sporny: those are things that will be done regardless of
whether or not there's a web payments group
Manu Sporny:
http://json-ld.org/spec/latest/rdf-graph-normalization/
Manu Sporny: we have a number of specs that could be put into
the web payments group
Manu Sporny: there's somethign called RDF dataset normalizatoin
Manu Sporny: it is used to make sure messages can be digitally
signed and verified
Manu Sporny: https://payswarm.com/specs/source/http-keys/
Manu Sporny: we need dataset normalization in order to have any
of the payments stuff work out, or we have to use the JOSE spec
and it isn't ideally suited for financial/extensible tech
Manu Sporny: we could also include the http-keys spec, this
allows us to do digitally signed messages, to do requests for
transactions that are digitally signed in json-ld, we have a nice
Web PKI that's a result of this messaging spec
Manu Sporny: it also does KYC on the Web which ties in nicely
with persona
Manu Sporny: that's a pretty solid argument for the w3c for
picking it up
Manu Sporny: there are at least 2 specs that the web payments
group could kick off with that are more or less done, we wouldn't
have to do much with them
Manu Sporny: those are foundational payment technologies, they
are generic ... they could be used for anything, the argument
that they should go into the web payments group is a discussion
we'll need to have
Manu Sporny: that brings up to the meat of the issue
Manu Sporny: so what are we standardizing as the payment
protocol here?
Manu Sporny: we have bitcoin, which is being standardized at the
bitcoin foundation, they haven't been heavily involved in the web
payments group but there has been discussions here
Manu Sporny: they dont' have spare bandwidth to go off and write
bitcoin specifications, they mostly do code
Manu Sporny: the idea that we would end up working on
bitcoin-specific technology is probably not going to happen in
the web payments group
Manu Sporny: unless we get a lot more contributions from that
community
Manu Sporny: the other group is Ripple, we've been having good
offline communications with them, their protocol is open and on
the web, their source code is open, the Ripple folks have been on
these calls before and they have wanted to figure out a way to
work with the web payments group
Manu Sporny: i don't think we'll have anything by 2014 to work
on, but i am having meetings with them soon so that could change
Manu Sporny: the third thing that could be used on the web
payments group is a generalized payment frame that is not
spoofable or is whitelisted and this used to be part of mozpay
and it's something that mozilla is interested in pursuing there
is no spec for it, just ideas floating around for what it could
be
Manu Sporny: the purpose of the frame was initially for web
payments, but now they seem to be on shaky ground for what they'd
want to standardize
Manu Sporny: https://payswarm.com/specs/source/web-payments
Manu Sporny: that brings us to payswarm
Manu Sporny: https://payswarm.com/specs/source/web-commerce
Manu Sporny: there's several specs for payswarm we could work on
Manu Sporny: https://payswarm.com/specs/source/payment-intents
Manu Sporny: those specs are in a fairly rough state, but are
certainly in a position to be picked up by a web payments working
group
Manu Sporny: https://dev.payswarm.com/
Manu Sporny: we have solid implementations for the specs so we
know that they work from a technical standpoint that they work
Manu Sporny: so the question is what should we propose to the
w3c for standardization
Manu Sporny: our organization, Digital Bazaar, is really pushing
the payswarm stuff, mainly becauset here's nothing else that does
what it does
Manu Sporny: we don't yet have Ripple saying they want a w3c
spec or standard, same for bitcoin, we do have the people that
that are working on the payswarm stuff
Manu Sporny: that stuff is improving and we are updating the
specs and standards as we go
Manu Sporny: as far as i see it, the only potential pitch we
have for the w3c is that we would like to standardize the
identity and payments stuff that payswarm has outlined and the
RDF dataset, http-keys specs
Manu Sporny: we would also like to standardize some kind of
secure browser frame that mozilla is going to be working on over
the next year
Manu Sporny: whether or not that will fly at a group level or
not i have no idea
Manu Sporny: at this point we have 100 people in the group and
it's pretty difficult to get a read on where the group wants to
head
Dave Longley: I suspect that the group would be okay with the
path, we could say that's the path we think we should take and
see what they say. [scribe assist by Manu Sporny]
Pindar Wong: all the payswarm work you've done is very open and
transparent and i'd agree with that
Pindar Wong: that's very clear and consistent with what i
understand from the list
Pindar Wong: the intersection of policy and technology here is
quite intricate, and i do think some of the discussions happening
are quite important, it might be good to add some structure to
separate between technology and policy in those discussions
Pindar Wong: some bifurcation might be necessary
Manu Sporny: one of the things we've tried to avoid in the past
is to create separate mailing lists
Manu Sporny: these things, as you said, are intricately linked,
it's hard to talk about tech without mentioning policy
Manu Sporny: philosophical discussions have a direct impact on
the tech built
Manu Sporny: it's important to separate them where we can, but
often we come back to core philosophical discussions and they
tend to be painful and drag out for a long time, but it's
improtant to understand the philosophy that's underpinning the
decisions being made in this group
Pindar Wong: what i was suggesting then was a reference document
or wiki that could state the status of the participants or their
values/principles or architectural principles as a statement of
policy because you are implementing policy through the code that
is written, i guess get something more document driven is what
i'm edging for
Manu Sporny: i agree, there are fundamental things here like
tech created by the web payments group must be usable by people
in emerging nations, industrialized countries, people on mobile
devices, without leaving anyone out
Manu Sporny: tech should be accessible to all, take into account
people with disabilities, people who don't have access to
infrastructure like banks, outlining those things in a document
would be very useful
Manu Sporny: they get lost in the mailing list
Manu Sporny: we need to have a document that ends up formalizing
that kind of stuff
Manu Sporny: if we can direct that energy to a document i'm very
supportive of that, the mailing list being the history of how
that derived is very important
Manu Sporny: anything else on the direction/proposing it to the
group?
Pindar Wong: i think this is a very productive conversation to
have this time of year, there needs to be technical discussions
to get work done and progress made
Manu Sporny: it's not that w3c will be inflexible about this,
it's just about the fact that when a group gets chartered, it
needs to have a clear list of things ... if you had things you
have to go through a 6 month process to get rechartered
Manu Sporny: if we say we're going to do RDF dataset
normalization, http-keys, and payswarm
and the frame window
Manu Sporny: and it will take 4 years to finish, but if mozilla
wants to change something or add to it, in order to get it to
standardization we have to recharter the group and go back to the
w3c companies and get approval
Manu Sporny: it ends up taking months to do
Manu Sporny: so the only reason i'm saying that we have to
propose something at the workshop is that we have to make sure we
have something for the initial charter
Pindar Wong: absolutely makes sense
Pindar Wong: so the conversation on this list is really
important leading up to 2014
Pindar Wong: so everyone is in the best possible position for
next year
Pindar Wong: if the policy document could be done by early next
year would be great and would see if this group will be coherent,
etc.
Manu Sporny: maybe we should just kick start that policy
document this week or next
Pindar Wong: it would be lovely to be able to farm off this
discussion into an area where policy level inputs, regulators,
etc could all be participating
Pindar Wong: let's raise this at the IGF and see what comes
forward, try to get that domain expertise participating at the
right time at the right level
Pindar Wong: it would be good to mention at the IGF we're at the
process of doing this, making it document driven would be very
useful
Manu Sporny: ok that gives us something very concrete to work on
ACTION: Create a Web Payments policy document that outlines the sort of
technology that should be created by the Web Payments group.
Dave Longley: If we're going to have a policy document, we may
want to have a document to say which technologies are intended to
implement it. [scribe assist by Manu Sporny]
Pindar Wong: Absolutely agree with that. [scribe assist by Manu
Sporny]
Manu Sporny: https://payswarm.com/specs/source/use-cases/
Manu Sporny: we could probably drive it off of the payswarm use
cases
Manu Sporny: those use cases are kind of a pseudo policy
document
-- manu
--
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Meritora - Web payments commercial launch
http://blog.meritora.com/launch/
Received on Wednesday, 9 October 2013 18:06:56 UTC