<scribe> Scribe: Ian
nicktr: It's been a while! Good
to talk with you again
... AOB?
NickTR: Virtual event
... We want to reuse the format we used for our virtual
(Dublin) meeting earlier this year
... 2-hour meetings over four days
... we are looking at 19-23 October, from 8-10am PT each day /
3-5pm UTC
NickTR: we recognize that this is challenging for some time zones
https://www.w3.org/2020/10/TPAC/
<nicktr> scribenick: nicktr
ian: gives broader context on
TPAC
... meeting organisers are trying to bring some of the same
advantages as the physical meetings
... it's been suggested to break up TPAC into three
sections:
... 12-16 for joint meetings
... 19-21 October for Group Meetings
... 26-30 October for breakouts (like the Wednesday of a
'normal' TPAC)
<Ian> WPSIG => 6,7 Oct meeting
ian: WPSIG will meet 6-7 Oct
meeting to avoid FIDO and EMVCo meetings
... we realise that 19-22 Oct may be challenging
clinton: noting WPSIG 6-7 Oct dates
nicktr: this is one of the
reasons we're trying to give an early heads up
... we're starting to think about content
<scribe> scribenick:Ian
NickTR: Some ideas for agenda:
- UPdate on deliverables
- Moderated panels (e.g., state of play on payments generally, or authentication)
- Progress report regarding Secure Payment Confirmation experiment
- Progress / status of SRC through PR API
NickTR: What would make the
meeting valuable to you?
... Demos always welcome
<nicktr> ian: we will continue to look for opportunites forjoint sessions with WPSIG, Authentication etc
<nicktr> scribenick: nicktr
<Ian> Secure Payment Confirmation proposal
<Ian> Ian deck
ian: I am putting together a deck
which is still WIP
... I am trying to capture the state of play
... I cannot speak concretely about the specific progress at
Stripe/Google
... the goal of Payment Request was to streamline
checkout
... early on we focused on enhancing returning data stored in
the browser
... but implementation/feedback/experimentation have begun to
shift our focus onto streamline the selection of instruments
and strong authentication via WebAuthn
... that seems to be very interesting to folk
... we are talking in WPSIG about what changes might be
required in 3DS
... and in the joint task force about WebAuthn changes
... so the question is "can we add value to the ecosystem by
reducing friction for strong authentication"
... in practice, this has moved our focus away from some other
areas including moving along the rec track, and on SRC
... secure payment confirmation may have implications for our
SRC architecture
... so it feels like we're in an incubation period just
now
... talks about http://www.w3.org/2020/08/prapi-arch.pdf
at a high level
... are there now scenarios where we don't need payment
handlers?
... and we are beginning to think about generalised
authentication flows (not just 3DS)
... is there appetite for browsers to store payment
credentials?
<Ian> scribenick: Ian
NickTR: Thanks for the summary Ian. We wanted to talk about this as an incubation period.
clintona: Thanks for the slides. When you started the discussion on that you were asking a question, but you didn't quite finish the question
<nicktr> ian: two threads. 1) concrete work to try to drop webauthn into a 3DS flow as the step up (instead of OTP, for example)
<nicktr> ...2) and then what are the broader consequences for PR/handlers?
<nicktr> ...help is always welcome - here and in WPSIG
https://github.com/rsolomakhin/secure-payment-confirmation
<nicktr> ...the new github repo is the best place to give us feedback
https://github.com/rsolomakhin/secure-payment-confirmation/issues
<nicktr> ...there are two more proposals in the issues in that repo
NickTR: Yes, we are always
seeking more help.
... Other work has not stopped; we are looking at how these
proposals relate
nickTR: I will be acting as team contact in this coming group
"The mission of the Merchant Business Group (“Merchant BG”) is to improve the Web for both business-to-business (B2B) merchants and business-to-consumer (B2C) merchants."
nickTR: The IG will not publish specs but rather focus on use cases and requirements
<clintona> -Q
NickTR: Payments on the agenda but the agenda is broader than that.
3 Sep
NickTR: Thanks all!