- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 22 Jul 2014 21:54:49 -0400
- To: public-webpayments@w3.org
On 07/13/2014 12:33 AM, Anders Rundgren wrote: > How come the competition didn't buy into the TPM? > > TPMs are based on a "one-size-fits-all" security API philosophy. > Since Intel relies on external vendors supplying TPM-components this > (IMHO fairly unwieldy) API must also be standardized which makes the > process updating TPMs extremely slow and costly. > > TEEs OTOH can be fitted at any time with application-specific > security APIs which both can be standardized or entirely proprietary. > In fact, even third-parties can create new security APIs using > GlobalPlatform's TEE! Hey Anders, Could you elaborate a bit more on how we could apply this approach to the Web Payments initiative? The part that I don't understand is that if you allow entirely proprietary APIs into the mix, how do you achieve interoperability? Does it not matter at that level? To bring this more in line w/ what we're doing. We hope that the payment initiation mechanism that we end up standardizing is going to allow Visa, Mastercard, PayPal, Bitcoin, Ripple, etc. to all be listed as payment options by the merchant and selected freely by the customer depending on which payment mechanism they want to use. Is this an example of the approach that you're suggesting? -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Marathonic Dawn of Web Payments http://manu.sporny.org/2014/dawn-of-web-payments/
Received on Wednesday, 23 July 2014 01:55:19 UTC