Re: Payment Protected Resources -- Using HTTP 402

On 5/27/14 3:05 PM, Anders Rundgren wrote:
> On 2014-05-27 19:23, Melvin Carvalho wrote:
>> Many of us are now using web ACLs on a regular basis.
>>
>> A rule may look like:
>>
>> <>
>> <http://www.w3.org/ns/auth/acl#accessTo> <.>, <> ;
>> <http://www.w3.org/ns/auth/acl#agent> <http://melvincarvalho.com/#me> ;
>> <http://www.w3.org/ns/auth/acl#mode> 
>> <http://www.w3.org/ns/auth/acl#Read>, 
>> <http://www.w3.org/ns/auth/acl#Write> .
>>
>> This essentially says that my user ID can have read and write access 
>> to the named resource.
>>
>> I thought it might be an interesting idea to extend this type of 
>> access control to allow payment protected resources.
>>
>> So each server will maintain a balance for each user, as is typical 
>> with many commercial business models these days.
>>
>> If the user does not have any credit the server will return a 402 
>> HTTP response code, explaining the cost of the item and how they can 
>> top up their balance.  This could either be via a traditional payment 
>> method such as Euros, or, say, via a balance in crypto currencies, or 
>> as part of a loyalty / reward scheme that the web site issues.
>>
>> I'm wondering if we can extend the vocab we have to add payments?
>>
>> Perhaps a simple way would be to subclass #accessTo with #paidAccessTo
>>
>> Then have in the ACL rule a simple payment amount (or rule)
>>
>> Then say something like:
>>
>> <#amount>  0.001^^BTC
>>
>> Anyone have any thoughts on whether this could be implemented?
>
> I must confess that I understand zilch of this.
>
> If this is something happening between the browser (user) and a server 
> in an authenticated session, it has no relevance in a standards context.
>
> If this is rather involving different servers or agents, you must 
> describe what they are and how they get access to this information.
>
> Anders 

Instead of Turtle (a notation for encoding and decoding information in 
the digital medium provided by the Web) here's the same question using 
English (yet another notation for encoding and decoding information, but 
for a different medium):

Shouldn't I be able to use access controls (or even full blown attribute 
based data access policies) to drive financial transactions (i.e., 
debits and credits) in a distributed network?

Bitcoin is an example of open and distributed ledger that scales to the 
Internet. It will get even more interesting when like PKI (as 
exemplified by WebID, WebID-TLS, WebID-Profile, WebACLs) it becomes webby.

-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Tuesday, 27 May 2014 20:43:04 UTC