Web Payments Community Group Telecon

Minutes for 2012-08-21

Agenda
http://lists.w3.org/Archives/Public/public-webpayments/2012Aug/0021.html
Topics
  1. Client-side Purchase Process
  2. Status Update on PaySwarm Alpha 4 release
  3. HTML5 Web Apps demo details
Chair
Manu Sporny
Scribe
Dave Longley
Present
Dave Longley, Manu Sporny, David I. Lehn
Audio Log
Dave Longley is scribing.
Manu Sporny: Today we'll be reviewing the client-side purchase process, reviewing the alpha 4 payswarm release status update, and discussing the html5 web apps demo
Manu Sporny: Over the last couple of telecons we've been discussing the web key creation/registration process, the asset/listing registration process, and then the final part of that whole process is purchasing the asset

Topic: Client-side Purchase Process

Manu Sporny: the link to the source code in github is in IRC (above)
Manu Sporny: so the assumption at this stage in the process is that a vendor has created and registered a webkey with a payswarm authority, they've created an asset and listing, signed and published those
Manu Sporny: and the final step here is having a customer/buyer purchase the asset that has been listed for sale on the web
Manu Sporny: the other examples have a config part in the source code and that happens at the link in IRC
Manu Sporny: if the listing isn't specified in the config then the program will prompt (via the command line) the user/customer for a listing URL
Manu Sporny: next, the listing is fetched over the web
Manu Sporny: it doesn't matter where it is on the web, because it is digitally-signed and we know by whom
Manu Sporny: it can be from anywhere
Manu Sporny: what the example supports is a JSON-LD listing, it isn't HTML/RDFa here in this example, but other purchase clients support this
Manu Sporny: for example, if you use the wordpress demo linked from dev.payswarm.com all of the asset/listing information is listed in HTML via RDFa
Manu Sporny: a client goes to the HTML page there and gets the RDFa data and builds the JSON-LD listing from that information
Manu Sporny: here, the request for the data just asks for JSON-LD
Manu Sporny: and it is easier/more direct
Manu Sporny: so next you just give the purchase call the listing
Manu Sporny: and the transaction service for processing the purchase (this is the buyer's payswarm authority)
Manu Sporny: you also give it who you are, your source financial account for paying for the asset, your public key ID (URI) for indicating which key you used to sign your purchase request, and your private key for signing your purchase request
Manu Sporny: so the payswarm client will do all of that for you
Manu Sporny: it will sign your purchase request and send it to your payswarm authority, which in turn, will check the amounts are correct on the listing, it is a valid listing, valid asset, everything checks out
Manu Sporny: and if all of that passes, then the authority will run the transaction and then return a digitally-signed receipt back to you
Manu Sporny: the receipt will be signed by the authority
Manu Sporny: the receipt is a shortened form of the contract (a summary) whereas the contract will have all of the fine grained details about your purchase
Dave Longley: Yeah, the process is fairly straight forward. [scribe assist by Manu Sporny]
Manu Sporny: the receipt will just have the summary of what you bought, etc.
Dave Longley: One thing that we should add, is that there is a budgeting system built in. You can associated various vendors with budget amounts. So you can say that Vendor A is associated with the "Games" budget... which may be set at $10/month. [scribe assist by Manu Sporny]
Dave Longley: You can make purchase requests using those budgets. If you omit the account you want to pay with, or you specify a budget ID, the purchase can be run using a budget. If you don't want to accidentally go over your budget, the purchase won't go through. [scribe assist by Manu Sporny]
Dave Longley: You can always manage details of your budget via the PaySwarm Authority. It's very useful to limit spending, or not be bothered when purchasing something (do it in the background). [scribe assist by Manu Sporny]
Manu Sporny: I don't think that budgets are a part of the specs now. [scribe assist by Manu Sporny]
Dave Longley: Yes, not a part of the spec right now, two different PAs don't have to support budgets for this to work. Vendors don't have to know about this existing. If you're a client talking to your PA knows about budgets, it could use them. [scribe assist by Manu Sporny]

Topic: Status Update on PaySwarm Alpha 4 release

Manu Sporny: yeah, we might want to have some spec text in there.
Manu Sporny: last week we (Digital Bazaar) made a release of the reference implementation ... we had to do a quick release to fix a couple of bugs for Melvin for working on a web app demo
Manu Sporny: we also fixed a few other things and updated our release system to make releases quicker
Manu Sporny: we haven't decided what the release cycles are going to be just yet
Dave Longley: Once we stabilize a little more, we can start looking at more scheduled releases. Now it's just based on features/bug fixes as they come through. [scribe assist by Manu Sporny]
Manu Sporny: we also tightened some security, and are using AngularJS for some of the UI now
Manu Sporny: we fixed some bugs that occurred during vendor registration
Manu Sporny: we added some labels for voided/pending transactions, and we cleaned up the deposit UI a bit, fixed general UI bugs, we changed the i18n framework a bit to better support it in the future as needed, the financial activity links were updated to better show/handle your transaction activity in your financial accounts
Manu Sporny: we added ACL for transactions and accounts
Manu Sporny: so we wanted to make sure that people involved in transactions could see what they were involved in without seeing other details like what other people were paid, etc.
Manu Sporny: vendors/customers can see all of the details
Manu Sporny: we added email notifications for purchases and the links in those emails should work now and show the transaction details if you're logged in
Manu Sporny: we're now working on adding the ability to register bank accounts, etc -- these and a few others are the last changes that we're working on before we do a commercial release of the software

Topic: HTML5 Web Apps demo details

Manu Sporny: Melvin sent an email to the mailing list saying he set up a wordpress demo and will be getting that working soon
Manu Sporny: we plan to create another type of demo for melvin... a website with a few web apps (eg: games/productivity app or something) on the landing page
Manu Sporny: and when you click on them, you can purchase access to those web apps
Manu Sporny: and then the website will let you use that application
Manu Sporny: this will be similar to apple store/android store
Manu Sporny: and we also plan to demonstrate in-app payments
Manu Sporny: which will require using the budgeting feature
Manu Sporny: to do background purchases ... (without site-redirection)
Dave Longley: All of the back-end code for background purchases are implemented. We're using this in the payswarm.js demo - there is no re-direction when you make the purchase via the client. If you omit the source account, and there is a budget, if the signature is by a vendor that matches the listing and budget, the purchase is allowed. [scribe assist by Manu Sporny]
Dave Longley: That is, I would think that we have some spec text on this, but I don't think we related it directly on how you do background purchases. How that gets implemented on the PaySwarm Authority side is implementation specific. You need to be able to support a signed purchase request holding the identity of the person doing the purchase request, just not their information. [scribe assist by Manu Sporny]
Manu Sporny: did we make a decision on whether or not it has to come from the vendor?
Manu Sporny: could a vendor say "I'm going to do an auto-purchase for a madonna CD for the client?"
Dave Longley: Right now, we're going to require an association between the vendor and the listing, and is the one that is making the purchase request. If we don't do that, someone else could come in and make multiple purchase requests on somebody else. A buyer trusts the vendor and only the vendor's listings are going to be purchased using the budget that is setup for the vendor. [scribe assist by Manu Sporny]
Manu Sporny: so the vast majority of the code we need is there, there may be bug fixes ,etc.
Manu Sporny: so the next step is creating a github repo, probably doing this in node.js express, etc.
David I. Lehn: Is Melvin just using the WordPress plugin for now? Is there public code yet?
Manu Sporny: Yes, I believe so, no code yet.
Dave Longley: Yeah, most of the code is there, we just need to setup the demo code and integrate with PaySwarm. [scribe assist by Manu Sporny]
Manu Sporny: What's the timeline for this? [scribe assist by Manu Sporny]
Dave Longley: As we have spare cycles... we have lots of other work to do. [scribe assist by Manu Sporny]
Manu Sporny: I'll ping Melvin about this, we have until something like november at the very latest (technical plenary he is attending is then)

Created by the Web Payments Community Group. Shared with love under a CC-BY license.