W3C home > Mailing lists > Public > public-webpayments@w3.org > May 2015

Re: [Payments Architecture] A vision statement for the web payments architecture work

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Wed, 20 May 2015 16:07:18 +0200
Message-ID: <CA+eFz_J=N2X0oJRtmn9OEmq10mYss5bfgJxyZHMwjKoWpg5nsQ@mail.gmail.com>
To: Kepeng Li <kepeng.lkp@alibaba-inc.com>
Cc: David Ezell <David_E3@verifone.com>, Ian Jacobs <ij@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Web Payments IG <public-webpayments-ig@w3.org>, Web Payments CG <public-webpayments@w3.org>
All suggestions incorporated.

On 20 May 2015 at 08:48, Kepeng Li <kepeng.lkp@alibaba-inc.com> wrote:

> > Supports a wide spectrum of security needs to meet industry and
> >regulatory expectations.
>
>
> I propose to add privacy in the sentence:
> Supports a wide spectrum of security and privacy needs to meet industry
> and regulatory expectations.
>
>
> In the use case document, we have already mentioned some privacy
> requirements, and we have also talked about minimizing the exposure of
> sensitive information in the subsequent bullets.
>
> Thanks,
>
> Kind Regards
>
> Kepeng Li
> Alibaba Group
>
>
> 在 20/5/15 8:25 am, "David Ezell" <David_E3@VERIFONE.com> 写入:
>
> >That's good.
> >
> >-----Original Message-----
> >From: Ian Jacobs [mailto:ij@w3.org]
> >Sent: Tuesday, May 19, 2015 8:07 PM
> >To: David Ezell
> >Cc: Manu Sporny; Web Payments IG; Web Payments CG
> >Subject: Re: [Payments Architecture] A vision statement for the web
> >payments architecture work
> >
> >* PGP Signed by an unknown key
> >
> >
> >> On May 19, 2015, at 3:10 PM, David Ezell <David_E3@VERIFONE.com> wrote:
> >>
> >> Hi Folks:
> >>
> >> Ian wrote:
> >>> * Supports a wide spectrum of security needs to meet industry and
> >>>regulatory expectations.
> >>>   To meet regulatory requirements and give people enough confidence to
> >>>use the Web for
> >>>   payments, the architecture must support a wide spectrum of security
> >>>requirements and
> >>>   solutions. This includes the ability to encrypt strongly both
> >>>sensitive information and the
> >>>   channels used to exchange the information, as well as supporting an
> >>>evolving variety of
> >>>   authentication techniques (multifactor, biometric, etc.). Trust in
> >>>the Web of payments
> >>>   is critical to its success.
> >>
> >> Yes, all good.  Gives a list of things that will be included.  Somehow
> >>(and there's a lot there already) I think it should say what we will
> >>attempt >not< to require.
> >> Perhaps a second bullet for clarity:
> >> "* Minimizes (eliminates?) reliance on Personally Identifiable
> >>Information (PII) to fulfill any requirements.”
> >
> >How about:
> >
> >* Supports a wide spectrum of security needs to meet industry and
> >regulatory expectations.
> >   Trust in the Web of payments is critical to its success.
> >   To meet regulatory requirements and give people confidence to use the
> >Web for
> >   payments, the architecture must support a wide spectrum of security
> >requirements and
> >   solutions. This includes minimizing what sensitive information is
> >shared as well as the ability
> >   to encrypt that information (both in transit and when stored). The
> >architecture will also need
> >   to support an evolving variety of authentication techniques
> >(multifactor, biometric, etc.).
> >
> >Ian
> >
> >--
> >Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
> >Tel:                       +1 718 260 9447
> >
> >
> >
> >
> >* Unknown Key
> >* 0x0ECB09CB
> >________________________________
> >This electronic message, including attachments, is intended only for the
> >use of the individual or company named above or to which it is addressed.
> >The information contained in this message shall be considered
> >confidential and proprietary, and may include confidential work product.
> >If you are not the intended recipient, please be aware that any
> >unauthorized use, dissemination, distribution or copying of this message
> >is strictly prohibited. If you have received this email in error, please
> >notify the sender by replying to this message and deleting this email
> >immediately.
>
>
>
>
Received on Wednesday, 20 May 2015 14:07:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:40 UTC