https://www.w3.org/securepay/wiki/Meeting/Oct2020
IJ: Proposed FTF topics -> Status of experimentation with proposed architecture, impact of SPC on SRC thinking, etc.
<clinton> +1
<jeffh> +1
<Fawad> +1
https://github.com/w3c/src/wiki/ProposedArchitecture
IJ: Any experimentation to be able to share with the group?
Fawad: Nothing from us at this time.
Clinton: We are reviewing the proposal; nothing to contribute to virtual meeting
IJ: Interesting question would be to figure out instrument selection to ensure supports SRC
Danyao: I think we have three tracks:
- What we need from 3DS for pilot
- Second track is related to instrument selection; agree we are gathering requirements.
scribe: the user problem
statements need to be fleshed out
... we want to use some of the WPWG session to hear from folks
involved in non-card payment flows
IJ: For 3DS is this task force useful or more WPSIG?
Danyao: more WPSIG
https://github.com/w3c/src/blob/gh-pages/src-prapi.md
https://github.com/w3c/src/wiki/UX-Assumptions-and-Requirements
IJ: Should we start from assumptions and build new architecture?
Danyao: Main question from
browser perspective is: what is a unique problem that having
more integrated browser support would help to solve?
... SRC is out there in some form already. What capability
would improve that?
... e.g., user identity through cookies is a recurring
theme.
IJ: +1 that identity persistence is a big one
AdrianHB: The opportunity to
execute code in a 3p context and rely on cookies seems sought
after
... it could be interesting to have a persistent payment
credential available to limited parties during PR API
... what payment credentials can provide is a more specific
mechanism (than cookies)
... the RP may not be able to authenticate the user, but we
could come up with persistent technology to identify the
user.
IJ: Could card brands document based on experience of what could be improved?
Clinton: I would look at challenges and next steps that card brands need to take to make progress
IJ: How can we be useful?
Clinton: Timing is an issue.
Putting some level of priority ... what is point of time that
these things need to be resolved?
... the work might be the right work but not enough energy to
move forward
Fawad: I would agree. I think
people we spoke with understood the problem to be solved.
... but may not be the top priority
... also some unanswered questions - what origin would host
common payment handler
IJ: Do we need this task force? Or should we elevate to the full WG?
Clinton: That might make sense.
Danyao: +1 to previous comment
from Clinton about making clear urgency
... It's not clear as a WG bystander what the milestones and
deliverables of the task force and urgency
IJ: What we said we would do:
- Develop proposed architecture
https://github.com/w3c/src/blob/gh-pages/src-prapi.md#browser-makers
- Get implementation experience
- Get FPWD
IJ: We stalled on implementation experience
Danyao: We are very curious about
the implementation experience of the card brands
... very important to understand what browser capabilities
would help
[On payment credentials for identity management]
AdrianHB: I am still wrapping my head around SRC. Things are described by roles, and that creates challenges when mapping to real-world entities
IJ: I'd like to use this task
force for (1) hearing implementation experience and (2)
reviewing [NEW] proposals for SRC using new
web capabilities
... so likely only to convene for those things
<jeffh> IJ's musing on Architecture for Selection and Authentication: https://github.com/w3c/webpayments/blob/gh-pages/proposals/arch2020.md
Danyao: I think as browser vendors we could do more to say what we want to see (a sort of template) in order to do things like implementation for testing
<scribe> ACTION: Danyao to send email with questions that will help with prioritization
None scheduled