Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <martin.habovstiak@gmail.com>) id 1YL89Z-00065R-U1 for bitcoin-development@lists.sourceforge.net; Tue, 10 Feb 2015 10:34:49 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.192.48 as permitted sender) client-ip=209.85.192.48; envelope-from=martin.habovstiak@gmail.com; helo=mail-qg0-f48.google.com; Received: from mail-qg0-f48.google.com ([209.85.192.48]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YL89Y-0004Y0-Rr for bitcoin-development@lists.sourceforge.net; Tue, 10 Feb 2015 10:34:49 +0000 Received: by mail-qg0-f48.google.com with SMTP id a108so26045897qge.7 for <bitcoin-development@lists.sourceforge.net>; Tue, 10 Feb 2015 02:34:43 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.224.88.1 with SMTP id y1mr37025197qal.91.1423564483311; Tue, 10 Feb 2015 02:34:43 -0800 (PST) Received: by 10.140.19.18 with HTTP; Tue, 10 Feb 2015 02:34:43 -0800 (PST) In-Reply-To: <CAAt2M188whrv9VgV8UYBq+kcmgN9b6QQH7+wd7wQYNj8bd4Pcg@mail.gmail.com> References: <CAAt2M18H0K99bmD4H_FRSeE+O9nGFDruCmo63GOQt1kxAdVBmQ@mail.gmail.com> <CAAt2M188whrv9VgV8UYBq+kcmgN9b6QQH7+wd7wQYNj8bd4Pcg@mail.gmail.com> Date: Tue, 10 Feb 2015 11:34:43 +0100 Message-ID: <CALkkCJbwzo=dRo-WG6kBg9YVYvE6hCy0YHnBa1U-EVhn4KNA9Q@mail.gmail.com> From: =?UTF-8?B?TeKStnJ0aW4gSOKStmJv4pOLxaF0aWFr?= <martin.habovstiak@gmail.com> To: Natanael <natanael.l@gmail.com> Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (martin.habovstiak[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YL89Y-0004Y0-Rr Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Standardizing automatic pre-negotiation of transaction terms with BIP70? (Emulating Amazon one-click purchase at all merchants) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Tue, 10 Feb 2015 10:34:50 -0000 Why would anyone want to do anything about payment before choosing what he wants to buy and for what price? I've never used Amazon but isn't filling a form with shipping information enough? 2015-02-10 11:21 GMT+01:00 Natanael <natanael.l@gmail.com>: > BIP70 is a protocol for getting a user's wallet client communicate with a > merchant's server in order to agree on details like where to send the > payment, how much to send, what the shipping address is, sending a receipt > back, and much more using various extensions that adds more functionality. > > There could even be advanced functionality for automatically negotiating > terms. One example could be selecting a multisignature arbitrator both sides > trust. Another could be to agree on the speed and type of delivery. Many > more types of decisions could be automatically agreed upon. > > But as it is now, it is designed to be initiated at the time of payment. If > you always want next-day delivery from online stores then you won't always > know if that's an option until you've filled the digital basket and gone > through checkout. If you only want to shop with an arbitrator involved same > thing applies. > > Everything that BIP70 enables happens at the last step only, as it is right > now. > > If there could be a BIP70 HTML tag on web shops that automatically triggered > your wallet as soon as you visit the page, it would be possible for a > browser extension that talks to your wallet to tell you right away if the > web shop you're currently looking at has terms you consider acceptable or > not (note: if your wallet client isn't installed on or linked to that same > machine, a visible Qr code would be an acceptable alternative which you can > scan in advance before you start shopping). This notification can even be > automatically updated as you add and remove things from your cart and > details like shipping options change. > > This would massively simplify the shipping experience and make every web > shop feel like Amazon. > > Of course this has privacy implications and increases exposure to potential > wallet exploits, but the wallet can ask you if you intend to shop or not at > each site before it even connects and send any information at all in order > to mitigate both of those problems. This way it should be reasonably safe. > > Another option would be to automatically connect but limit what data is sent > in order to remain privacy preserving, until the user agrees to send private > information. > > This second method would also open up for the merchant to other send > relevant information such as details about various certifications from third > parties, which can include a certification that shows they have been been > audited and approved by by entity X for purpose Y. If your wallet has that > entity whitelisted it will show you that certificate (for example "Acme > Audits have audited and approves of Merchant M's privacy policy and data > protection"). With a list of predefined types of certifications that the > wallet understand and accepts, it could (by choice of the user) require a > certificate to be present to even allow you to make a purchase (lack of > required certifications would result in automatic denial). No certificate = > your wallet never proceed to send private information. > > Thoughts? > > - Sent from my tablet > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming. The Go Parallel Website, > sponsored by Intel and developed in partnership with Slashdot Media, is your > hub for all things parallel software development, from weekly thought > leadership blogs to news, videos, case studies, tutorials and more. Take a > look and join the conversation now. http://goparallel.sourceforge.net/ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development >