Web Payments Telecon Minutes for 2014-01-29

Thanks to Dave Longley for scribing this week! The minutes
for this week's Web Payments telecon are now available:


Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

Web Payments Community Group Telecon Minutes for 2014-01-29

  1. Introduction to Jeff Cliff
  2. ISSUE-20: eBay/PayPal concerns
  3. Communication with SWIFT and IETF
  4. Web Payments Charter/Work Items Voting Status
  5. Web Commerce API
  Manu Sporny
  Dave Longley
  Dave Longley, Manu Sporny, David I. Lehn, Jeff Cliff, Brent 

Dave Longley is scribing.
Manu Sporny:  Any changes to the Agenda?
David I. Lehn:  Nope.

Topic: Introduction to Jeff Cliff

Jeff Cliff:  I'm a fairly active member in the ripple community. 
  I've been following the work that's been done here for quite some 
  time. I'm not affiliated with any organization here. I'm a voice 
  of the Ripple community in some ways. I'm a developer, I haven't 
  contributed any code to this project yet, and I'm still trying to 
  figure out a way to do that
Manu Sporny:  Welcome, we're really happy to have you here! 
  Hopefully we can figure out a way to get some contributions from 
  you or just get your input on the work we're doing here.
Manu Sporny:  Are you coming to the web payments workshop, it's 
  in Paris?
Jeff Cliff:  I'm trying to figure a way to get there, I'll work 
  on that.
Manu Sporny:  Let us know if you have any questions as we go 
  through all this stuff, feel free to follow up on the mailing 
  list as well.

Topic: ISSUE-20: eBay/PayPal concerns

Manu Sporny: 
Manu Sporny:  Paypal wrote in with a number of concerns about the 
  website. T they were concerned that people would get the wrong 
  impression that the output of the web payments CG would become 
  standards immediately, they wanted us to be a bit more clear 
  about what the group was working on, this is what kicked off the 
  entire discussion about the charter and scope of work/work items
Manu Sporny:  We talked with w3c management and we've gone to a 
  pretty great effort to ensure that w3c management and paypal/ebay 
  and some other larger companies were ok with the text
Manu Sporny:  If you look at issue 20, the first 4 have been 
  marked off
Manu Sporny:  We've made it clear that no community group is 
  endorsed by w3c but also made it clear that we are working on 
  tech here that we hope to get into the w3c standards-track 
  process. I've mentioned that we've done this before, gone through 
  this mechanism and gotten things published.
Manu Sporny:  Also made a clear statement that while the work is 
  not on the w3c rec track, we do plan on trying to get it adopted 
  through a web payments working group
Manu Sporny:  We plan to push hard to get the specs that are 
  mature enough from the CG into the WG
Manu Sporny: We've Made these changes to the site over two weeks 
  ago - https://web-payments.org/
Manu Sporny:  The other part was specifying who the community is. 
  Paypal was concerned that people would get the impression that 
  the CG consists of W3C member companies, but even though it does, 
  since it doesn't have W3C WG blessing yet, we've clarified the 
  group info on the site
Manu Sporny:  I think the statement is accurate enough to 
  indicate who the group consists of
Manu Sporny:  They wanted us to remove the language that says the 
  world's financial system is ailing or has problems with it, the 
  larger financial players don't want that language there, we just 
  say that the web is going to play a key role in improving the 
  world's financial infrastructure and a more equitable future of 
  all of us, etc.
Manu Sporny: We Were also asked to specify who the 
  dependencies/liasons are: 
Manu Sporny:  We touch on a wide variety of issues in the 
  dependencies/liaisons list
Manu Sporny:  We have a large number of people to keep in touch 
  with and up-to-date on with respect to what we're working on
Manu Sporny:  We can't create a page for the charter on the 
  website  until we're done with the vote on the charter, the vote 
  ends this friday
Manu Sporny:  I believe those were all of Paypal's concerns that 
  we could address, a lot of them were non-issues because 
  paypal/ebay didn't seem to understand how CGs were run, talking 
  with w3c management i believe we have hopefully clarified that 
  all of the issues.
Manu Sporny:  Anyone think there are any concerns or other issues 
  that haven't been addressed?
Manu Sporny:  If there's nothing else, we'll go ahead and move on
Manu Sporny:  I imagine that this issue will be closed once we 
  close the vote and update the site w/ the charter and list of 

Topic: Communication with SWIFT and IETF

Manu Sporny:  SWIFT reached out to us and said that they don't 
  want to be listed in the liaison group on the CG list, there have 
  been a number in their membership that are concerned with SWIFT's 
  interaction with this group. They wanted to make clear that they 
  are very interested in what we're doing. They are on the program 
  committee and coming to the workshop, they just want to make sure 
  that any announcement of SWIFT's involvement with this Community 
  Group is held off until after the workshop once they've figured 
  out what part they will play in this space.
Manu Sporny:  I've removed them from the list, it doesn't require 
  us to recharter, etc.
Manu Sporny:  I also spoke with Hannes Tschofenig from the IETF's 
  Advisory Board about Web Payments yesterday.
Manu Sporny:  We're going to try and present the web payments 
  work at the next IETF plenary which is in march in london, i'm 
  trying to find money to fly me out there to do a presentation on 
  our work here.
Manu Sporny:  They said it's a topic the plenary is very 
  interested in there would be between 800-100 highly technical 
  folks in the audience there.
Manu Sporny:  Hannes is very involved in OAuth as well.
Manu Sporny:  We built the web payments stuff on top of oauth in 
  the beginning and moved away from it
Manu Sporny:  Hannes wants to know more about why we made that 
  decision and wants to see if the newer stuff in oauth can help
Manu Sporny:  So we're in close contact with these IETF groups: 
  OAuth, JOSE, HTTP2
Manu Sporny:  The whole purpose is to get more communication 
  happening here between w3c and IETF when it comes to payments, so 
  this is a good thing, it's not a done deal yet, we have to figure 
  out funding but hopefully it will work out
Manu Sporny:  Any questions about that?

Topic: Web Payments Charter/Work Items Voting Status

Manu Sporny:  The votes on the proposed charter and scope of work 
  are going well, we have a good turnout. We would still like more 
  people to vote before Friday.
Manu Sporny:  We expect the charter to go through, it is 
  overwhelmingly supported
Manu Sporny:  With the work items, some people who weren't 
  technical in nature abstained, most votes were from people who 
  are at least fairly technical in nature
Manu Sporny:  The only specs that have gotten votes against them 
  have been the web payments design principles (which is a little 
  confusing), the web commerce specification, and the web payments 
  crowdfunding specification and http signatures and nonces, each 
  having just one vote against them. Vast majority is for the 
  specs, with about 25% abstention rate.
Manu Sporny:  Any questions on the charter voting status stuff?
Brent Shambaugh:  I've been working on my own stuff for a while, 
  just got looped back in for the vote, for whatever that's worth.
Manu Sporny:  That's fine, the vote's more about whether or not 
  you'd like the work to happen, not necessarily that you've been 
  deeply involved in the work.

Topic: Web Commerce API

Manu Sporny: 
Manu Sporny:  This is a revival of the mozpay API, which was 
  something created for the firefox marketplace, it's a place where 
  you can list items for sale and using a firefox phone you can do 
  a single click purchase
Manu Sporny:  Mozilla has somewhat abandoned that approach, they 
  were counting on a trusted chrome UI to protect the transaction, 
  but they've found that that approach has been too difficult to 
  implement, they are concerned about it being easy to fake that 
  UI, there is a bit of that spec that could be used for doing web 
  payments, specifically the thing that we are missing in the group 
  right now, is the ability to provide a unified mechanism on the 
  web where someone can click on the buy button on the web, 
  regardless of who their payment provider is, paypal, payswarm, 
  bitcoin, google, amazon, whatever, they should be able to use the 
  same UI flow to make a purchase
Manu Sporny:  This spec is about sending a purchase request to a 
  payment processor and having that payment processor respond with 
  a standardized digital receipt that indicates whether or not the 
  payment went through
Manu Sporny:  After talking with Kumar from Mozilla about this 
  last week, he said it shouldn't be an issue to just build on top 
  of what they had.
Manu Sporny:  And we're also looking at making this simpler on 
  the browser manufacturers - we  want to make this implementable 
  as a polyfill
Manu Sporny:  This is similar to how JSON got going (JSON.parse() 
  / JSON.stringify()), and mozilla persona, etc.
Manu Sporny:  If it becomes widely used, then the API can be 
  built into the browser
Manu Sporny:  The API in the browser would then take over what 
  the polyfill was doing
Manu Sporny:  It's just a neat technical trick to say something 
  will be a browser ability without having to get buy in at the 
  very beginning, if it never catches on, browsers don't have the 
  nasty legacy to live with. If it does catch on, browsers can 
  implement a more secure version of it (using 2-factor auth, for 
Manu Sporny:  So when people go to a website and click on "pay 
  with X" button, it will execute the same code across each one of 
  those systems, it will be the same across any of the payment 
  providers available, and the digital receipt will be the same as 
Manu Sporny:  The big question is whether or not 
  paypal/google/amazon will go for this
Manu Sporny:  It does allow us to do the simplest possible thing, 
  we're just standardizing the purchase request and digital receipt
Manu Sporny:  Whether or not the vendor will trust these receipts 
  is another thing
Manu Sporny:  The digital receipt will be signed by say, paypal, 
  and the vendor can decide if they trust them and grant access
Manu Sporny:  If someone else, some completely unknown payment 
  processor on the web gives a digital receipt to the vendor, the 
  vendor might not know them and may not trust them and they'd not 
  honor that digital receipt because the person on the other end 
  could be trying to spoof the purchase
Manu Sporny:  I'm pointing that out because there are issues with 
  this implementation because it gives an undue advantage to very 
  large organizations that are already payment processors
Manu Sporny:  Payment processors to be are going to have a 
  difficult time with this unless we make it possible to register 
  new payment processors and decentralized payment processor trust 
Manu Sporny:  That's an overview of what this spec is supposed to 
  do (buy button/API, standard purchase request, which is 
  transmitted to buyer's payment processor, digital receipt is 
  returned to the vendor through the browser, etc.)
Manu Sporny:  This should work with paypal, payswarm, google 
  wallet, bitcoin, etc. buy flows
Manu Sporny:  Any comments or questions on this spec?
Manu Sporny:  This is not a part of our scope of work right now, 
  so we'd have to figure out if it's part of our scope of work, 
  we'd have to do another vote to add it in as a work item
Manu Sporny:  When it comes to creating a WG at w3c this is 
  probably one of the specs that will get the bigger companies 
  interested, this could get googles, paypals, large banks of the 
  world interested, allows them to slowly move towards a 
  standardized buy flow on the web while keeping their proprietary 
  backend payment system.

Received on Wednesday, 29 January 2014 18:08:01 UTC