Re: [Payments Architecture] A vision statement for the web payments architecture work from Adrian Hope-Bailie on 2015-05-19 (public-webpayments@w3.org from May 2015)

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Tue, 19 May 2015 11:08:28 +0200
To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: Web Payments IG <public-webpayments-ig@w3.org>, Web Payments CG <public-webpayments@w3.org>
Message-ID: <CA+eFz_JSBi6DqOZqERpzD8XPGk6b=SfDCfXsaRBreLmb9rPGvw@mail.gmail.com>

Hi Melvin,

Are you referring to this line:
* Secure by design

I agree with what you're saying but I don't think it's necessary to strip
this statement out completely. I think it's important that we state that
the design is intended to promote security, however that ultimately
translates into the implementation.

Do you have a suggestion for an alternative wording?


On 19 May 2015 at 08:58, Melvin Carvalho <melvincarvalho@gmail.com> wrote:

>
>
> On 18 May 2015 at 14:58, Adrian Hope-Bailie <adrian@hopebailie.com> wrote:
>
>> The IG are trying to finalize a short vision statement for the work we
>> are undertaking, specifically with regards to the architecture we will be
>> developing, for payments on the Web.
>>
>> The document is intended to express the technical principles we consider
>> important in the design of the architecture and I'd appreciate some input
>> on it's content.
>>
>> The document is also intended to be short, less than a page, and as such
>> not too detailed. It's purpose is to frame the design and allow all
>> stakeholders to agree up front that we are aligned on our vision.
>>
>> The audience should be broad, and not necessarily payments or Web
>> technology experts, but since this is related to the design of a technical
>> architecture the content will be technical.
>>
>> Please have a look at the first draft of this document and send me your
>> feedback.
>>
>> https://www.w3.org/Payments/IG/wiki/Payment_Agent_Task_Force/Vision
>>
>
> Personally I would scratch the part on security.  Not because I dont value
> security, but because it's quite a subjective term.  Satoshi said, "A
> certain per centage of fraud is accepted as unavoidable".  I prefer that
> kind of wording.  Also, security can come at the expense of growth and
> scalability.  The value proposition of the web is not as a secure system,
> much like the post office, telephone or email, but rather, as a highly
> connected self organizing system capable of unexpected reuse.  Systems like
> bitcoin and ripple are relatively secure but dont scale too well, systems
> like the web are relatively insecure but scale well.  What we have tended
> to notice with large systems is that security increases with scale.
>
>
>>
>> Thanks,
>> Adrian
>>
>> p.s. Thanks Ian Jacobs for the initial work in getting this started.
>>
>
>

Received on Tuesday, 19 May 2015 09:08:56 UTC