Re: agenda+ Important discussion of W3C Member review of proposed charter

On 2015-09-21 15:13, Timothy Holborn wrote:
> Credentials questionnaire http://goo.gl/forms/kXzkF7eQJ0

Tim, the Credentials CG doesn't have a counterpart to FIDO.

>
> On Mon, 21 Sep 2015 at 4:37 pm, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote:
>
>     On 2015-09-18 21:53, Ian Jacobs wrote:
>      > Dear IG,
>      >
>      > *** 21 SEPTEMBER IS AN IMPORTANT CALL FOR MAKING PROGRESS ON THE WORKING GROUP CHARTER ***
>
>
>     After looking fairly deeply into the matter it seems that the "Super-Providers"
>     can achieve significant improvements in "Security" by simply adopting FIDO solutions.
>     The other quality factor ("Convenience"), is essentially already in place (PayPal,
>     Alibaba, etc.)
>
>     However, creating a comparable user experience and security for a distributed net
>     of payment providers (Banks) would be a daunting task, way more complex than the
>     proposals that so far have been aired in this context.
>
>     Why is that?  Because the "Super-Provider" concept keeps all critical information in
>     one place and is [apparently] also trusted for storing customers' card data, enabling
>     them to do things in a simple and secure fashion, while a distributed system must
>     secure every connection and (in a yet not described fashion), provide a trusted UI.
>
>     A distributed system would require a trust infrastructure like PKI to scale.
>
>     Building something on top of already broken systems like WPIG suggests, is unlikely
>     to get industry support.
>
>     thanks,
>     Anders
>
>

Received on Monday, 21 September 2015 14:05:15 UTC