- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 01 Jan 2014 16:58:08 -0500
- To: public-webpayments@w3.org
Hi Elf, As you probably saw already, Dave Lehn fixed the bug that you found. It was a side-effect of moving over to the new web-payments.org domain. However, in your response you raised an interesting question that I wanted to address. For those of you that don't know what JSON-LD is, and want to follow the rest of this conversation, this video primer might help: http://www.youtube.com/watch?v=vioCbTo3C-4 On 12/31/2013 12:17 PM, ☮ elf Pavlik ☮ wrote: >> it also makes me wonder what happens when some system can't load >> external @context and doesn't have it cached? possibly general >> question for JSON-LD... It is a general question for JSON-LD, and each JSON-LD context maintainer will chose whatever works best for their particular problem and community. In general, the most stable (as in, you can always retrieve them) JSON-LD contexts will be the ones that are used most often. Some context authors will choose to host it on their own domain. I believe Martin Hepp of Good Relations may do this for future versions of Good Relations technology. Some context authors will choose to hard code it into their applications. This is what schema.org has done, as their @context file isn't available on schema.org because they're concerned about the traffic that they'll have to service if their JSON-LD Context becomes popular and the JSON-LD processors don't cache contexts correctly. Some context authors will depend on a redirect service with built in redundancies. That's what we've done w/ the JSON-LD contexts that this community develops. I'm going to focus on what we do here in an attempt to concretely answer your question. The "official" way to reference the PaySwarm context right now is via this URL: http://w3id.org/payswarm/v1 That will eventually bounce you to this URL: https://web-payments.org/contexts/payswarm-v1.jsonld So, what happens if web-payments.org goes away? A pull request can be sent to the Permanent Identifier Community Group at W3C to update the reference to point it to some place new. The PICG is run by a consortium of companies that have agreed to keep w3id.org up and running for at least a century (or however long the Web is around in its current state). It's 6-way redundant at the moment, so 5 of the 6 companies providing backups could fail and the service would continue to operate. You can read more about it here: https://w3id.org/ So, http://w3id.org/ is going to be around for a very, very long time. If a popular JSON-LD context disappears, that community will spring into action and replace it with something sane, like a re-direct to another site, or serving the context directly off of the w3id.org website. Talking specifically about the PaySwarm JSON-LD context, it will always be built into the software due to attack vectors through the JSON-LD context if the w3id.org website or the web-payments.org website were to ever be compromised. It's possible to reverse transactions by switching the meaning of "source" and "destination" in a PaySwarm transaction. To protect against that attack, PaySwarm payment processor software always uses local, verified, up-to-date copies of all JSON-LD contexts used for financial transaction purposes. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Worlds First Web Payments Workshop http://www.w3.org/2013/10/payments/
Received on Wednesday, 1 January 2014 21:58:34 UTC