W3C home > Mailing lists > Public > public-webpayments@w3.org > July 2015

Re: sketching out HTTP 402 workflow

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Sun, 26 Jul 2015 08:04:33 +0200
To: Melvin Carvalho <melvincarvalho@gmail.com>, Web Payments <public-webpayments@w3.org>
Message-ID: <55B47871.1090801@gmail.com>
On 2015-07-26 01:22, Melvin Carvalho wrote:
> I'd like to sketch out a design and workflow for HTTP 402 that I think would be possible to implement as a proof of concept
>
> im trying to design a payment system using SoLiD and HTTP 402 ... I wonder how it would go?
>
> 1    Alice wishes to view resource X costing 1 bit from wallet W
> 2    resource X is ACL protected
> 3    Alice visits controller website and indicates wish to view protected resource
> 3    Controller website sends back HTTP 402 saying payment required and gives a protected location Y for Alice to send a payment
> 4    Controller website subscribes to location Y
> 5    If Alice is verified as sending a payment she is added to ACL of X
> 6    Payment is subtracted from wallet W
> 7    Alice can view resource X
>
> I'll be using the SoLiD framework for this.
>
> Anyone see any obvious flaws in the workflow?

Yes, web browsers don't support HTTP 402 in a way that make this scheme feasible.

So you obviously rely on some mechanism like Chrome extensions or AJAX.

The latter would run on any browser but would still be hit by the #1 problem
with web payments (and federation), i.e. finding your wallet/bank/IdP/etc.

AFAICT, the Web Payment IG haven't yet addressed this topic either...

Or are you rather betting on WebID-TLS here?  Ok, then it might work "as is"
but that's a solution WPIG will not consider.

Anders

> [1] https://linkeddata.github.io/SoLiD/
Received on Sunday, 26 July 2015 06:05:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:41 UTC