Re: sketching out HTTP 402 workflow from Joseph Potvin on 2015-07-26 (public-webpayments@w3.org from July 2015)

From: Joseph Potvin <jpotvin@opman.ca>
Date: Sun, 26 Jul 2015 10:17:33 -0400
To: Web Payments <public-webpayments@w3.org>
Message-ID: <CAKcXiSrDDFVhoOHmN6_ADYjKqdfMEn1ePeXCKQcA52nrm0dZYw@mail.gmail.com>

RE: "Unsure the IG has interest in this topic, it's meant for the CG"

It's probably time to map out the topics of interest to the CG, and within
that, to clearly identify the subset of current interest to the IG.  The IG
could express interest in some of these for its future work. Outside of
those, some could be grouped for a different W3C IG, new or existing.
Outside of those, Others some could be packaged as suggestions for other
standards bodies to consider picking up (IETF; JTC1; OASIS; etc.).

Joseph Potvin
Operations Manager | Gestionnaire des opérations
The Opman Company | La compagnie Opman
jpotvin@opman.ca
Mobile: 819-593-5983

On Sun, Jul 26, 2015 at 10:04 AM, Melvin Carvalho <melvincarvalho@gmail.com>
wrote:

>
>
> On 26 July 2015 at 08:04, Anders Rundgren <anders.rundgren.net@gmail.com>
> wrote:
>
>> On 2015-07-26 01:22, Melvin Carvalho wrote:
>>
>>> I'd like to sketch out a design and workflow for HTTP 402 that I think
>>> would be possible to implement as a proof of concept
>>>
>>> im trying to design a payment system using SoLiD and HTTP 402 ... I
>>> wonder how it would go?
>>>
>>> 1    Alice wishes to view resource X costing 1 bit from wallet W
>>> 2    resource X is ACL protected
>>> 3    Alice visits controller website and indicates wish to view
>>> protected resource
>>> 3    Controller website sends back HTTP 402 saying payment required and
>>> gives a protected location Y for Alice to send a payment
>>> 4    Controller website subscribes to location Y
>>> 5    If Alice is verified as sending a payment she is added to ACL of X
>>> 6    Payment is subtracted from wallet W
>>> 7    Alice can view resource X
>>>
>>> I'll be using the SoLiD framework for this.
>>>
>>> Anyone see any obvious flaws in the workflow?
>>>
>>
>> Yes, web browsers don't support HTTP 402 in a way that make this scheme
>> feasible.
>>
>> So you obviously rely on some mechanism like Chrome extensions or AJAX.
>>
>
> Yes, I'm going to use AJAX.  I think it's very common these days for
> websites to use AJAX.  All browsers support it, I believe.
>
>
>>
>> The latter would run on any browser but would still be hit by the #1
>> problem
>> with web payments (and federation), i.e. finding your wallet/bank/IdP/etc.
>>
>
> Why is this a problem?  Linked data and follow your nose to the rescue!
>
>
>>
>> AFAICT, the Web Payment IG haven't yet addressed this topic either...
>>
>
> Unsure the IG has interest in this topic, it's meant for the CG.
> Hopefully I can write up an RFC if I get time, but at the moment I'm trying
> to create a workflow and working demo.
>
>
>>
>> Or are you rather betting on WebID-TLS here?  Ok, then it might work "as
>> is"
>> but that's a solution WPIG will not consider.
>
>
> Yes, currently my implementation is going to use WebID-TLS which I
> actually like a lot.  What the IG considers, is not my problem, my goal is
> to create running code and use it, and to leverage the expertise here to
> make it standards quality.  Im not trying to win a popularity contest, just
> show what technology can do ... :)
>
>
>>
>>
>> Anders
>>
>>
>>  [1] https://linkeddata.github.io/SoLiD/
>>>
>>
>>
>

Received on Sunday, 26 July 2015 14:18:21 UTC