W3C home > Mailing lists > Public > public-webpayments@w3.org > December 2014

RE: Zero Click Bitcoin Micropayments using HTTP 402

From: Daniel.Buchner <Daniel.Buchner@target.com>
Date: Mon, 22 Dec 2014 19:05:13 +0000
To: Anders Rundgren <anders.rundgren.net@gmail.com>, Mark Leck <markpleck@gmail.com>, Steven rowat <sn0281@uniserve.com>
CC: Web Payments CG <public-webpayments@w3.org>
Message-ID: <9691FBAEC3E2FF43AEC7E571F733AEA203DA04F2@TCEMAIL14P.hq.target.com>
I don't understand why you're saying the seller "owns" the payment GUI. The request for payment could occur either by a UI action (clicking an input that kicks off payment), or via response header, but either way the next action would be to present a browser/wallet UI that allows a single click for confirmation of amount and destination.

If browsers just routed a crypto-payment request (based on the header) to the right wallet app/origin, it would be a trivial platform addition that would enable a simple payment flow. One could also argue that this 402 action can already be achieved if the response redirected to a bitcoin: or custom protocol handler that raised a wallet or browser's trusted UI - either way, adding these hooks seems like a no-brainer.

- Daniel
From: Anders Rundgren [anders.rundgren.net@gmail.com]
Sent: Monday, December 22, 2014 10:36 AM
To: Mark Leck; Steven rowat
Cc: Web Payments CG
Subject: Re: Zero Click Bitcoin Micropayments using HTTP 402

On 2014-12-22 18:14, Mark Leck wrote:
> Broadcasting to the network is instant. So you can safely say that the
 > funds are in the bank. Well in the wallet. There is more chance of a
 > Visa going out of business than that BTC transaction not arriving.

Pardon for not being entirely enthusiastic; I just don't like the idea that
the seller app "owns" the payment GUI regardless if it is $10 000 or just a dime.

If there's a pay-to-view-URL (sounds like a typical XXX-site thing
[No, I'm not supposed to know that :-)]), shouldn't it have a price tag?

Then of course I have my usual questions like: how do you authenticate to
your BTC (wallet?).


> On 22 Dec 2014 16:59, "Steven rowat" <sn0281@uniserve.com <mailto:sn0281@uniserve.com>> wrote:
>     On 2014-12-20, at 7:36 AM, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote:
>      > On 2014-12-20 15:36, Melvin Carvalho wrote:
>      >> http://challengepost.com/software/zero-click-bitcoin-micropayments
>      >
>      > Hi Melvin,
>      > You mentioned the HTTP 402 thing before and I didn't got it.
>      > Now I do, but this solution is really a service dealing with HTTP 402.
>      >
>      > They didn't provide much details on how it works but I guess that's obvious for you bitconiers :-)
>      > The question is if their protocol would stand a security review, my guess is that it would not.
>     Looks so beautiful and simple. There must be a problem -- security, browser buy-in, wait times for bitcoin confirmation. If not, I'm ready to start using it anytime. :-)
>     Here's a discussion by bitcoin people of this idea from two years ago, including some detail about all those issues, especially security. It's not exhaustive but for me at least it was good background.
>     https://bitcointalk.org/index.php?topic=3895.0
>     Steven Rowat

Received on Monday, 22 December 2014 19:05:44 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:37 UTC