Re: Apple Pay - Security Description from Kingsley Idehen on 2014-10-03 (public-webpayments@w3.org from October 2014)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 03 Oct 2014 09:05:27 -0400
To: public-webpayments@w3.org
Message-ID: <542E9F17.6080204@openlinksw.com>

On 10/3/14 7:31 AM, Anders Rundgren wrote:
> On 2014-10-03 12:22, Ricardo Varela wrote:
>> What I mean is that there's several parts to what you were mentioning:
>>
>> 1) create a Webby version of the scheme
>> 2) create a "decentralized" (pending definition) version of the scheme
>> 3) create a completely separated version of a complete payment 
>> system, independent of "the traditional payment industry"
>>
>> It is really difficult to get momentum doing all 3 at once - Apple 
>> did basically their own version of 1) - substituting "webby" with 
>> "for Apple's platform of choice"
>
> Agreed.
>
> Regarding #2 there are (as you write) different takes on this aspect.
> One of the more "trivial" is the WAYF (Where Are You From) mechanism.
>
> The lack of a useful WAYF is *one* of the factors which to date has 
> stymied OpenID.
> Microsoft did an effort to fix this almost decade ago with Information 
> Cards but
> it was based on the client tech available at that time and was 
> eventually shelved.
>
> I think it is (about) time resurrecting this excellent idea, but using 
> a revamped
> platform which also addresses the dependency on static code of the 
> original
> Information Card concept.  This is [among many things] what 
> WebCrypto++ is about.

FWIW Microsoft Passport in Webby form == WebID, WebID-Profile, and 
WebID-TLS.

Webby happens when entities are identified (named) using HTTP URIs.

Information Card == Profile Document.

YouID basically is all about just that, across iOS, Android, and the Web 
(of course).

[1] http://youid.openlinksw.com -- YouID .

-- 
Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Friday, 3 October 2014 13:05:49 UTC