Web Payments Community Group Telecon

Minutes for 2014-02-26

  1. WebMob Payments Task Force
  2. Web Commerce API Vote
  3. Persona and Web Identity Spec
Manu Sporny
Dave Longley and David I. Lehn
Dave Longley, Manu Sporny, Brent Shambaugh, David I. Lehn, Evan Schwartz
Audio Log
Dave Longley is scribing.
Manu Sporny: Any updates or changes to the agenda today? Hearing none, moving on.

Topic: WebMob Payments Task Force

Manu Sporny: Natasha is at the Mobile World Congress, so can't be here
Manu Sporny: Can you run us through the payments use cases, Brent?
Brent Shambaugh: Paper is trying to deliver a feel for what's out there, talks about current solutions
Brent Shambaugh: I started learning how to edit this thing so i have my own fork of it here: https://github.com/bshambaugh/payments-use-cases
Brent Shambaugh: I'm going to go through and following the template that Natasha created. I have added many payment providers - Square, Dwolla, etc.
Manu Sporny: I think mainly what Natasha is looking for is mobile-specific use cases, that's not to say it's not important to do a survey of all of them, it's important for the web payments group.
Manu Sporny: It might be good to see how each one of these payment mechanisms works for mobile specifically
Manu Sporny: For example, how exactly is Square used on mobile? That's a mobile use case. I don't know if Western Union has any mobile use cases.
Manu Sporny: Square has the little card reader attachment that plugs into the audio jack and you accept credit cards by swiping through that, that's definnitely a mobile use case.
Manu Sporny: Amazon payments may not be super mobile heavy, for example, use case may be different, maybe amazon payments analysis goes in a separate web payments document
Manu Sporny: What do you think of that approach?
Brent Shambaugh: Ok.
Manu Sporny: I think Natasha is looking for mobile-specific stuff ... you could argue anything could work on mobile, but she's looking for example for things like NFC, bluetooth low energy, and how those fit into the payment landscape.
Manu Sporny: For example if you're in a museum and you want to buy a ticket you could use bluetooth low energy, there are some proprietary mobile wallet solutions out there, we should include those.
Manu Sporny: We already have the Web Payments use cases here, which is where we've been gathering over the past several years: https://web-payments.org/specs/source/use-cases/
Manu Sporny: The other thing that we might want to do is to take a look at the use cases for some of the newer initiatives, like Bitcoin, Ripple, etc.
Manu Sporny: I don't know if you've seen this document before, Brent?
Manu Sporny: Whatever you find out and create if it doesn't fit in the mobile use cases document it should go in the Web Payments use cases document
Manu Sporny: I don't know if i'd categorize the "use cases" on Natasha's document for google wallet/paypal as use cases, they are more like product features, which can still be a fine way to go about it, but using use cases lets you genericize it and see the commonality of it.
Manu Sporny: Both google and paypal let you pay via a wallet system, that's a shared use case
Manu Sporny: They both have the ability to use a credit card/debit card, that's a shared use case
Manu Sporny: The ones that are different are ... the paypal case doesn't let you include card loyalty schemes whereas google does
Manu Sporny: At some point the work has to be done to go through all payment mechanisms out there to list what they can and can't do, so it has to be done anyway, the concern is that i'm not sure if you'll be able to do all of that background to do it before the end of march, i don't know if you have that kind of time
Brent Shambaugh: I don't know what i have planned this month really, my assumption is that this will be a week by week thing
Manu Sporny: Yeah it is, by the end of the third week there should be something pretty solid that Natasha can work with.
Manu Sporny: Maybe this is as simple as going to a website and dumping a features list in there?
Manu Sporny: After we have that we can try and organize that
Manu Sporny: It would help if you linked each one of those to a website
Manu Sporny: Then we could say we've got all the popular payment companies on the web and then we can divvy up the work
Manu Sporny: It might be better to just put this all in a wiki
Manu Sporny: It's going to be hard to do PRs for each use case, too much overhead, let's hack on it in a wiki quickly and then put the end result in the document Natasha put together.
Brent Shambaugh: Using a wiki for cooperation might be good
Manu sets up a wiki page for working on Payments and Mobile use cases.
Manu Sporny: Here's the mobile use cases wiki page: https://www.w3.org/community/webpayments/wiki/WebPaymentsMobileUseCases
Manu Sporny: You can create a table to check off each feature for each payment provider, etc.
Manu Sporny: I'll fill out a few examples like PaySwarm and Stripe.

Topic: Web Commerce API Vote

Manu Sporny: We've got a good number of votes coming in, every one is positive except for one.
Manu Sporny: I followed up with the person casting a negative vote ... there was a miscommunication with what the purpose of the spec is.
Manu Sporny: The person thought that the only way to initiate payment was through the browser, but all the spec is trying to do is standardize payment request and repsonse
Manu Sporny: Standardizing what the JSON looks like
Manu Sporny: The API in the document provides an example for how it could be implemented in a browser, but the core of the protocol should be able to be initiated by just doing HTTP and the person that did the negative vote didn't think that was the case.
Manu Sporny: You can do this without the need for something in the browser itself
Manu Sporny: So it was a vote against the browser API (end to end) and it wasn't against standardizing the request and response format, the person that voted negatively would be fine with standardizing those
Manu Sporny: There's a week left in the vote, I'll ping people individually if they haven't already voted. I also failed to specify fields for first and last name for the first 4 people that voted, so they'll have to identify themselves for their votes to stick. That was an unfortunate oversight on my part, I think I know who 2 out of the 4 people are.
Dave Longley: Need to drop off. [scribe assist by David I. Lehn]
David I. Lehn is scribing.
Manu Sporny: We needed Dave Longley to discuss the HTTP Signatures stuff. Maybe we should make this call short?
Evan Schwartz: I'd like to hear a bit more about the Persona / Web Identity spec stuff.

Topic: Persona and Web Identity Spec

Manu Sporny: Mozilla been working on web identity system called Persona.
Manu Sporny: Simple spec that just authenticated that you own a particular email address.
Manu Sporny: You go to site and get digitally signed assertion from email provider so you can sign in.
Manu Sporny: Mozilla Persona decoupled the assertion of who you are from site you log into, very privacy conscious.
Manu Sporny: Made a polyfill for navigator api, that was the other neat thing they did.
Manu Sporny: They could support hundreds of millions of people logging in through persona.
Manu Sporny: The solution was partially centralized at first. Then they suddenly published an "After Action Review", which you typically do at the end of a project.
Manu Sporny: Two weeks ago posted after action review, then they went silent. It has become apparent that the entire persona team has now been assigned to other projects.
Manu Sporny: Not tombstoned but put into maintenance mode. Only work will be volunteer based development, Persona will be kept alive for the foreseeable future.
Manu Sporny: They are going to focus on Firefox accounts, more vertical integration w/ FirefoxOS.
Manu Sporny: They sent out email last week detailing what's going on:
Manu Sporny: They will try to get a blog post about the status out some time this week.
Manu Sporny: If we want more features we'll have to go in and implement them ourselves.
Manu Sporny: We've got a web identity spec that is supposed to integrate with Persona.
Manu Sporny: We're getting some interest from other large organizations in the Web Identity spec and other people are working on their own solutions.
Manu Sporny: Persona going into maintenance mode is a step backwards for the Web. We wanted someone else to develop that solution, but it doesn't look like it's going to happen.
Manu Sporny: The other spec out there is OpenID Connect.
Manu Sporny: Should the web identity spec be compatilble with OpenID Connect? It probably should be, we don't want to pick a winner, but we may have to provide an alternative to OpenID Connect.
Manu Sporny: There are other approaches out there as well, such as Namecoin.
Manu Sporny: That is a fully decentralized solution.
Manu Sporny: Not clear where we should go at this point.
Manu Sporny: The web payments workshop is coming up. Should expect identity will be a big topic there. You need solid identity for payments.
Manu Sporny: Should have alternatives to show for identity and KYC before the workshop.
Manu Sporny: Any comments before we end the call?
Manu Sporny: Brent, we'll work on the use cases in the interim. I'll get the first two examples filled out and then it'd help if you get the rest.
Manu Sporny: We'll chat again next week. Bye!

Created by the Web Payments Community Group. Shared with love under a CC-BY license. Thanks to our contributors.