Re: agenda+ Important discussion of W3C Member review of proposed charter from Timothy Holborn on 2015-09-21 (public-webpayments@w3.org from September 2015)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Mon, 21 Sep 2015 13:13:22 +0000
To: Anders Rundgren <anders.rundgren.net@gmail.com>, Web Payments CG <public-webpayments@w3.org>, "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>
Message-ID: <CAM1Sok1cie7ibkzH3BsO9RbtA-gO4PUGxXQ=dC_LkSAaXEGv3A@mail.gmail.com>

Credentials questionnaire http://goo.gl/forms/kXzkF7eQJ0

On Mon, 21 Sep 2015 at 4:37 pm, Anders Rundgren <
anders.rundgren.net@gmail.com> wrote:

> On 2015-09-18 21:53, Ian Jacobs wrote:
> > Dear IG,
> >
> > *** 21 SEPTEMBER IS AN IMPORTANT CALL FOR MAKING PROGRESS ON THE WORKING
> GROUP CHARTER ***
>
>
> After looking fairly deeply into the matter it seems that the
> "Super-Providers"
> can achieve significant improvements in "Security" by simply adopting FIDO
> solutions.
> The other quality factor ("Convenience"), is essentially already in place
> (PayPal,
> Alibaba, etc.)
>
> However, creating a comparable user experience and security for a
> distributed net
> of payment providers (Banks) would be a daunting task, way more complex
> than the
> proposals that so far have been aired in this context.
>
> Why is that?  Because the "Super-Provider" concept keeps all critical
> information in
> one place and is [apparently] also trusted for storing customers' card
> data, enabling
> them to do things in a simple and secure fashion, while a distributed
> system must
> secure every connection and (in a yet not described fashion), provide a
> trusted UI.
>
> A distributed system would require a trust infrastructure like PKI to
> scale.
>
> Building something on top of already broken systems like WPIG suggests, is
> unlikely
> to get industry support.
>
> thanks,
> Anders
>
>
>

Received on Monday, 21 September 2015 13:14:01 UTC