Web Payments Community Group Telecon

Minutes for 2014-10-15

Dave Longley is scribing.
Manu Sporny: Today is a quick intro of James Dailey and his interest in the group and then W3C TPAC Web Payments CG Presentation, talking about the roadmap, and then reviewing use cases feedback. Any questions or changes?

Topic: Introduction to James Dailey from Mifos

James Dailey: http://mifos.org/
James Dailey: Started about 8 years ago to bring an open platform to microfinance, we've expanded and rewritten it to be a core transaction platform and used for retail for direct banking, we have 100s of implementations globally, we have several dozen integrators, to serve the needs of their banking partners, it's completely open source, it's Java, MySQL, etc. We have a pretty involved API, connecting to the Web interfaces, etc. I'm interested in integrating a Web payments platform or mobile payments platform with our system. We want to put this up in the cloud and offer a full stack for mobile payments in various countries, etc.
Manu Sporny: That sounds great and fairly aligned with the kind of stuff we're working on here, something like mifos would be good to prove interoperability.
Manu Sporny: Have you dealt with W3C in any way before?
James Dailey: Way back in the 90s I was working on the OASIS project.
Manu Sporny: I was wondering if you're a W3C member.
James Dailey: Nope.
Manu Sporny: The CG is completely open and anyone can join, but the reason I ask is that there would be an interest in getting you involved in the Working Groups that get spun up.
Manu Sporny: We'd like to have you be represented in the technical work, we don't have any open source/banking/financial platforms involved right now.
Manu Sporny: Is the org a non-profit?
James Dailey: Yes, and it's based in Seattle, but we're very virtual.
Manu Sporny: Great, that's aligned with W3C (also very virtual). We'd like to have your area of expertise represented in the group, we'll take more of this offline.
Manu Sporny: Moving forward, we'd be interested in hearing if we're meeting the needs of the mifos platform, it's a perfect example of where we'd like to see the technology used.
James Dailey: I'm not one of the devs on the platform on this point. There's a regular dev call on Thursdays that anyone can join. For now I'm getting a feel for where you guys are at and looking at your archive and getting where the state is.
Manu Sporny: Ok, great.

Topic: W3C TPAC - Web Payments CG Presentation

Manu Sporny: So this work started 4-5 years ago, we created the CG about 2 years after that. W3C is ~400 member orgs, most big technology orgs are part of W3C. We've been lobbying W3C to make web payments a core part of the Web, making payments secure and as easy as it is to send an email today. We've had some great success over the last year. We had the world's first Web Payments workshop in Paris this year, a bunch of W3C orgs joined and decided that Web Payments should get done. Over the past month there was a vote to officially get this work started at W3C. The vote will say that the work has been started, and in 2 weeks on 27th,28th in Santa Clara, CA, at W3C TPAC there will be a first face-to-face meeting.
Manu Sporny: The meeting will be about what type of work the W3C membership would like to do about Web Payments. The minutes from the meeting will be public and you'll know all the companies that participated after October.
Manu Sporny: This agenda item is about discussing what we'll be presenting (the CG) for an hour at TPAC.
Manu Sporny: The use cases are a boiling down of the use cases that came out of the workshop earlier this year.
Manu Sporny: These are some docs we can talk about and present in the one hour at TPAC.
Manu Sporny: So the question is, other than the use cases and the roadmap, what are the main points that we want to make?
Dave Longley: Other than those two documents, it's important that we emphasize that a lot of work has taken place in the CG around this technology and keeping the scope focused on what we think is achievable. That was discussed earlier in the year. [scribe assist by Manu Sporny]
Dave Longley: We have technical specifications to look at - that ties into road map and use cases. [scribe assist by Manu Sporny]
Dave Longley: I think talking about those three things would be good enough for the hour that we have. [scribe assist by Manu Sporny]
Manu Sporny: We also have the credentials CG that will be talking in the hour following us. It's good that this will be the first major discussion and it will be about the work the CG has been doing. We probably want to avoid talking about credentials until that meeting/presentation.
Manu Sporny: The feedback that we've gotten from the chairs is that they don't want to presuppose any set of use cases. They want the W3C membership to try and work through what the use cases should be. The downside for that is that we already did that at the workshop and it takes a long time to do that.
Manu Sporny: It might be good for us to have a very-high level review of design criteria and use cases.
Manu Sporny: But at least saying, for example, we've got "data portability is important".
Manu goes down use case list outlining examples we could provide.
Dave Longley: One thing we could do is start off in areas that are clear where we could get interoperability - initiating payments, digital receipts, etc. [scribe assist by Manu Sporny]
Dave Longley: We could then go into things you're talking about at a high level - general idea - we've found at least two areas that we can focus on to get something standardized to get payment processors to interoperate. [scribe assist by Manu Sporny]
Dave Longley: We want to give them a higher-level overview at first - these are the areas that we can standardize. We don't want to dive into the details too early. Different payment processors are out there - standardize on how we initiate a payment and then provide digital receipt on how that happens. Details inbetween are largely out of scope. There are a lot of other use cases that can be created from those two basic things we think we can standardize. [scribe assist by Manu Sporny]
Dave Longley: Then we can go into data portability, etc. [scribe assist by Manu Sporny]
Dave Longley: 20 Minutes of presentations, 40 minutes of questions. [scribe assist by Manu Sporny]
Manu Sporny: We do have that roadmap document, we list the entire stack of specs/techs for the CG to work on. It could be missing things that other CG members want in there, but to date these are the specs we have in there. If other people want to add things they should create a spec and publish it for us to add it.
Manu Sporny: The problem with the roadmap is that we haven't had a chance to vote on it, but we do know that the group has approved the techs/specs.
Dave Longley: One thing we could do is say - here is a set of technologies that have been approved by the group, and this is a proposed way to put it into a roadmap to move forward. This is a way that we could get these proposed technologies in there. The technologies themselves have been approved by the group. [scribe assist by Manu Sporny]
Manu Sporny: We'll put that out there and if anyone from CG has any concerns we can tweak it.
Manu Sporny: So 20 mins of presentation, keep it high-level, let people know there's a use cases and roadmap. Let them know there's a set of techs/specs for the work, etc. and go into questions at that point.
Manu Sporny: Anyone else on the call have thoughts/concerns about how we'll be presenting this at TPAC?
Manu Sporny: The agenda will go out later today. The schedule is Monday and Tuesday (27-28th) are all day sessions on Web Payments. On the 27th we'll have a 1 hour slot for this CG and 1 hour slot for Credentials CG. The rest of the time will be Web Payments talk and the agenda will be out later today.
Manu Sporny: In the morning on Tuesday we'll talk Credentials and then later in the afternoon we'll recap.
Manu Sporny: On Wednesday we'll review what happened.
Manu Sporny: That's for a review for members that aren't directly involved in the work to understand what has happened and what will happen in the near future.
Manu Sporny: I'll put together the slide deck and hopefully we can review by end of today or tomorrow
Manu Sporny: James, did that make sense? You're jumping right in the middle of all this stuff, could you make out what's going on?
James Dailey: Sure! It's very understandable, I'm sure there's lots of politics I don't get.
Manu Sporny: There aren't too many politics just yet; and W3C will focus on the technical work to avoid any politics between the big orgs. The focusing is on use cases, tech, and implementations.

Topic: Web Payments Roadmap Review

Manu Sporny: This outlines the tech stack that the CG has approved with votes and we lay it out so people can understand how the stack looks and what's done and what isn't.
Dave Longley: We may want to put another box in there with vocabularies. [scribe assist by Manu Sporny]
David I. Lehn: It may be difficult to make everything match up in a box format. [scribe assist by Manu Sporny]
Manu Sporny: Here's the Credentials CG technology stack: http://opencreds.org/specs/source/roadmap/#technology-stack [scribe assist by Manu Sporny]
Dave Longley: This group originally started out as the Web Payments group... the Credentials group was split off to deal w/ identity/credentials for other industries (including finance/banking) [scribe assist by Manu Sporny]
Dave Longley: The Credentials CG works on 'credentials' - crypographically provable claims about things - merchant offering a good for sale (with digital signature on the offer), person's Know Your Customer details, etc. [scribe assist by Manu Sporny]
James Dailey: Does the Credentials CG get into biometrics?
Manu Sporny: Only in that we want to reuse it.
Manu Sporny: The Credentials CG is narrowly-focused -- it's about being able to prove that one entity made claims about another entity.
Manu Sporny: Examples of credentials are passports, driver's licenses, proofs of age, etc. it could be retinal scans, etc.
Manu Sporny: So we're talking about the credential container format and how to verify it.
Manu Sporny: For example, in the future if you're doing some critical govt work, and they'd do a palm vein scan on you, and they'd digitally sign it and give that to you and you could give that credential to get access to some secure website.
James Dailey: Makes sense, and you're one step above the actual id verification.
James Dailey: In Uganda or other nations without certain kinds of ID we're looking at if we can use things like photos from a smartphone, etc. to build an identity iteratively.
James Dailey: I wanted to understand where you were with that.
Manu Sporny: On Tuesdays we have Credential CG calls and we have members such as ETS participating.
Manu Sporny: The use case you just outlined is a very important use case that we're actively pursuing. We believe we have tech for this. 3rd parties could create identity credentials for you and the only thing that matters is that the consumer has to trust the NGO or for-profit company that created the credential in the first place. You can use multiple different decentralized credentials to do KYC.
Manu Sporny: You can mix and match and put different creds together.
James Dailey: Great, thanks.
Manu Sporny: We've had a number of people say we shouldn't focus on identity because it could be a quagmire, etc. and that's another reason it was spun off into its own group.
Evgeny Vinogradov: Is JSON the only message format that can be used? Or can it be extended to use XML for example?
Manu Sporny: You could argue that RDF XML could be used, but right now there's no XML stack. We made this decision early on and we want Web devs adopting this technology and XML isn't something that Web devs, in general, tend to like. There certainly are XML-based APIs that exist, and we could talk about XML, and certainly it's used for backend clearing like ISO-(swift) but that's really for backend clearing, etc.
Evgeny Vinogradov: I'm not sure its a problem, just wanted to mention that other formats may be desired/want to be discussed.
Manu Sporny: Sure, the banking industry is very XML-driven and just getting into JSON. It may be a point of contention. We tried to develop a tech stack that Web devs would get excited about and XML isn't something like that.
Manu Sporny: We should have an in-depth discussion at TPAC.
Manu Sporny: We dont' address the XML stack and it could be a big problem and if we want to use XML we have to bring in a whole other tech stack, signatures, XML processor, etc.
Manu Sporny: Here's what we can say is that people *can* use RDF XML but I don't think anyone wants to do that.
Manu Sporny: If we're using Semantic Web linked data technology, then XML doesn't really let that happen other than RDF XML and the developer community has railed against that, it's very disliked.
Manu Sporny: We should discuss it; the other thing we don't want to have happen is that the banking community might run away if it doesn't say XML.
Dave Longley: One thing that might help is to front-run - this is the front-end stack of technologies. Backend clearing can still use XML - we're trying to achieve interoperability at front-end right now, not back-end as well. [scribe assist by Manu Sporny]
Manu Sporny: One possibility is that a bank runs this software to do payment initiation and digital receipts, but then they'd use ISO202122 [?]for backend clearing that they already have implemented.
Manu Sporny: On this time scale we're about 60-90% complete on the first three items. We need to update http sigs and push it through the process we're like 90% done. We just need to update RDF normalization spec to the latest version and put it through a W3C group, they are basically just waiting on us to say when we should start that work.
Manu Sporny: We're probably 70% of the way through the Web Commerce spec, but only 20% of the way through Web Commerce API, we want a polyfill for it and want browsers to eventually implement but can't count on it.
Manu Sporny: I don't think the timeline really expresses that information.
Dave Longley: You could put some in-line progress bars. [scribe assist by Manu Sporny]
Evgeny Vinogradov: A good idea would be to point to boxes that can be developed in parallel.
Evgeny Vinogradov: We can't easily tell from the picture
Manu Sporny: Almost all of them can be done in parallel, really, but we should make that more clear.
Manu Sporny: Let's say we spun out a technical working group for each blue block, they could all be done in parallel. They'd just need to be synced up right at the end.
Manu Sporny: Since we've got technical implementations of this stuff we can integrate quickly.
Manu Sporny: The thing I wanted to get away from was just having all the blocks be aligned. They can all be done in parallel and it would just look like a big stack.
Manu Sporny: Maybe we can say that all of them can start together.
Dave Longley: Maybe left-align them then the right sides become a bit longer [scribe assist by Manu Sporny]
Evgeny Vinogradov: Talk about dependencies.
Manu Sporny: I'll try another iteration and publish to the mailing list and we can talk more next week after we've redone the diagram.
Manu Sporny: The last thing at the bottom of the roadmap are active collaborators. We want to reach out to SWIFT and US Fed as two examples, SWIFT is interested and keeping up to date and they aren't sending anyone to participate, US Fed is assigning people and are directly involved in the work. The latter group is listed on here.
Manu Sporny: These are the orgs that are making it part of their mission to make Web Payments a success.
Manu Sporny: We have technical groups on the left and policy groups on the right and Open Payments Foundation in the middle whose only purpose is to make these standard techs. The OPF is there to create open source implementations of these technologies.
Manu Sporny: I didn't put all the orgs that fall under the W3C umbrella, are there any other external orgs that should be on here that we missed?
Manu Sporny: This is what the sister document looks like at Credentials CG: http://opencreds.org/specs/source/roadmap/#active-collaborators
Manu Sporny: This is from the Credentials CG and here you'll notice the Badge Alliance (a spin off from Mozilla) is in the middle there too.
Manu Sporny: They have been added because they are a different consortium outside of W3C that are actively involved in this work in creating badges for people.
Manu Sporny: We're at the top of the hour, anything else to discuss today?
Manu Sporny: We have what should go into the CG presentation at TPAC, we'll float that out to the other CG members and get feedback, and then we're ready for TPAC.
Manu Sporny: Any other thoughts or concerns, things to deal with before TPAC?
No other thoughts, meeting adjourned.

Created by the Web Payments Community Group. Shared with love under a CC-BY license. Thanks to our contributors.