Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <martin.habovstiak@gmail.com>) id 1YL89Z-00065R-U1
	for bitcoin-development@lists.sourceforge.net;
	Tue, 10 Feb 2015 10:34:49 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.192.48 as permitted sender)
	client-ip=209.85.192.48;
	envelope-from=martin.habovstiak@gmail.com;
	helo=mail-qg0-f48.google.com; 
Received: from mail-qg0-f48.google.com ([209.85.192.48])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1YL89Y-0004Y0-Rr
	for bitcoin-development@lists.sourceforge.net;
	Tue, 10 Feb 2015 10:34:49 +0000
Received: by mail-qg0-f48.google.com with SMTP id a108so26045897qge.7
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 10 Feb 2015 02:34:43 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.224.88.1 with SMTP id y1mr37025197qal.91.1423564483311; Tue,
	10 Feb 2015 02:34:43 -0800 (PST)
Received: by 10.140.19.18 with HTTP; Tue, 10 Feb 2015 02:34:43 -0800 (PST)
In-Reply-To: <CAAt2M188whrv9VgV8UYBq+kcmgN9b6QQH7+wd7wQYNj8bd4Pcg@mail.gmail.com>
References: <CAAt2M18H0K99bmD4H_FRSeE+O9nGFDruCmo63GOQt1kxAdVBmQ@mail.gmail.com>
	<CAAt2M188whrv9VgV8UYBq+kcmgN9b6QQH7+wd7wQYNj8bd4Pcg@mail.gmail.com>
Date: Tue, 10 Feb 2015 11:34:43 +0100
Message-ID: <CALkkCJbwzo=dRo-WG6kBg9YVYvE6hCy0YHnBa1U-EVhn4KNA9Q@mail.gmail.com>
From: =?UTF-8?B?TeKStnJ0aW4gSOKStmJv4pOLxaF0aWFr?=
	<martin.habovstiak@gmail.com>
To: Natanael <natanael.l@gmail.com>
Content-Type: text/plain; charset=UTF-8
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(martin.habovstiak[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YL89Y-0004Y0-Rr
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Standardizing automatic pre-negotiation
 of transaction terms with BIP70? (Emulating Amazon one-click purchase at
 all merchants)
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 10 Feb 2015 10:34:50 -0000

Why would anyone want to do anything about payment before choosing
what he wants to buy and for what price? I've never used Amazon but
isn't filling a form with shipping information enough?

2015-02-10 11:21 GMT+01:00 Natanael <natanael.l@gmail.com>:
> BIP70 is a protocol for getting a user's wallet client communicate with a
> merchant's server in order to agree on details like where to send the
> payment, how much to send, what the shipping address is, sending a receipt
> back, and much more using various extensions that adds more functionality.
>
> There could even be advanced functionality for automatically negotiating
> terms. One example could be selecting a multisignature arbitrator both sides
> trust. Another could be to agree on the speed and type of delivery. Many
> more types of decisions could be automatically agreed upon.
>
> But as it is now, it is designed to be initiated at the time of payment. If
> you always want next-day delivery from online stores then you won't always
> know if that's an option until you've filled the digital basket and gone
> through checkout. If you only want to shop with an arbitrator involved same
> thing applies.
>
> Everything that BIP70 enables happens at the last step only, as it is right
> now.
>
> If there could be a BIP70 HTML tag on web shops that automatically triggered
> your wallet as soon as you visit the page, it would be possible for a
> browser extension that talks to your wallet to tell you right away if the
> web shop you're currently looking at has terms you consider acceptable or
> not (note: if your wallet client isn't installed on or linked to that same
> machine, a visible Qr code would be an acceptable alternative which you can
> scan in advance before you start shopping). This notification can even be
> automatically updated as you add and remove things from your cart and
> details like shipping options change.
>
> This would massively simplify the shipping experience and make every web
> shop feel like Amazon.
>
> Of course this has privacy implications and increases exposure to potential
> wallet exploits, but the wallet can ask you if you intend to shop or not at
> each site before it even connects and send any information at all in order
> to mitigate both of those problems. This way it should be reasonably safe.
>
> Another option would be to automatically connect but limit what data is sent
> in order to remain privacy preserving, until the user agrees to send private
> information.
>
> This second method would also open up for the merchant to other send
> relevant information such as details about various certifications from third
> parties, which can include a certification that shows they have been been
> audited and approved by by entity X for purpose Y. If your wallet has that
> entity whitelisted it will show you that certificate (for example "Acme
> Audits have audited and approves of Merchant M's privacy policy and data
> protection"). With a list of predefined types of certifications that the
> wallet understand and accepts, it could (by choice of the user) require a
> certificate to be present to even allow you to make a purchase (lack of
> required certifications would result in automatic denial). No certificate =
> your wallet never proceed to send private information.
>
> Thoughts?
>
> - Sent from my tablet
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>