Re: P2P Payments from Anders Rundgren on 2014-12-05 (public-webpayments@w3.org from December 2014)

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 05 Dec 2014 20:15:00 +0100
To: Melvin Carvalho <melvincarvalho@gmail.com>, Manu Sporny <msporny@digitalbazaar.com>
CC: Web Payments <public-webpayments@w3.org>
Message-ID: <54820434.1060009@gmail.com>

On 2014-12-05 18:53, Melvin Carvalho wrote:
>
>
> On 5 December 2014 at 17:20, Manu Sporny <msporny@digitalbazaar.com <mailto:msporny@digitalbazaar.com>> wrote:
>
>     On 12/05/2014 10:58 AM, Anders Rundgren wrote:
>     > On 2014-12-05 16:54, Manu Sporny wrote:
>     >> On 12/05/2014 09:41 AM, Anders Rundgren wrote:
>     >>> Well, the WebPayment CG has a method for "neutralizing" SOP but I
>     >>> feel uneasy about it since it appears to be very complex.
>     >>> Somebody ought to spend a bit more time on this spec.
>     >>
>     >> Which spec are you referring to? The Identity Credentials stuff or
>     >>  the Web Commerce spec, or something else? The WebDHT stuff?
>     >
>     > I think I put out a link to the wrong spec :-( The WebDHT is the ting
>     > I meant...
>
>     Yep, unfortunately that "neutralizing SOP" stuff only exists as two blog
>     posts and a proof-of-concept implementation right now using Telehash
>     (not WebDHT):
>
>     http://manu.sporny.org/2014/identity-credentials/
>
>     source code:
>     https://github.com/digitalbazaar/opencred-idp/tree/master/sites
>
>     The "neutralizing SOP" bit is here:
>
>     https://github.com/digitalbazaar/opencred-idp/tree/master/sites#installing-the-login-mixnet
>
>     The login mixnet is capable of digitally signing something destined for
>     another website. It's not implemented right now, we may implement it
>     early next year. *sigh* not enough funding for that particular project
>     or hours in a day, so it keeps getting backburnered even though it's a
>     really important problem that needs to be solved.
>
>
> What about something like the Chris Messina's xauth approach hosted by the W3C?
>
> https://web.archive.org/web/20120521151833/http://xauth.org/info/ <https://web.archive.org/web/20120521151833/http://xauth.org/info/>

I still hope that the new situation for SysApps will be thing that overcomes the inertia.

Anders

>
>
>     -- manu
>
>     --
>     Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
>     Founder/CEO - Digital Bazaar, Inc.
>     blog: High-Stakes Credentials and Web Login
>     http://manu.sporny.org/2014/identity-credentials/
>
>

Received on Friday, 5 December 2014 19:15:30 UTC