Author: Erik Aronesty 2016-06-20 17:33:32
Published on: 2016-06-20T17:33:32+00:00
The BIP 0070 protocol has had moderate success but there are several areas in which it could be improved. Firstly, the reliance on protocol buffers is seen as inappropriate as ease of use and extensibility are favoured over minor efficiency gains. It is suggested that JSON messages should be used instead. Secondly, there is a problematic reliance on merchant-supplied https (X509) as the sole form of merchant identification, and alternative schemes such as dnssec/netki, PGP and Keybase have been proposed as good ideas. Keybase is preferred since there is no reliance on the existing domain-name system. Thirdly, an optional client-supplied identification is missing and basic subscription support is lacking.Proposals for subscriptions include using BIP0047 payment codes instead of wallet addresses when establishing subscriptions, or merchants specifying replacement addresses in ACK/NACK responses. Wallets must confirm and store subscriptions, and are responsible for initiating them at the specified interval. Intervals can only be from a preset list of weekly, biweekly, or 1, 2, 3, 4, 6 or 12 months. Intervals missed by more than 3 days cause suspension until the user re-verifies. Wallets may optionally ask the user whether they want to be notified and confirm every interval, or not. Wallets that do not ask must notify before initiating each payment. Interval confirmations should begin at least 1 day in advance of the next payment.Proposals in general include using JSON instead of protocol buffers going forward, and an "extendible" URI-like scheme to support multi-mode identity mechanisms on both payment and subscription requests. Support for keybase://, netki:// and others as alternates to https:// would also be provided. Additionally, support for client as well as merchant multi-mode verification would be available. Ideally, the identity verification URI scheme is somewhat orthogonal/independent of the payment request itself.It is suggested that this should be a new BIP, with an identity-protocol-agnostic BIP and solid implementation of a couple of major protocols without any mention of payment URI's, just a way of sending and receiving identity verified messages in general. Plugins for identity protocols could be implemented if the idea is deemed good. It is debated whether https:// or keybase, or PGP or netki all by themselves are enough or if it is always better to have an extensible protocol.
Updated on: 2023-06-11T18:48:57.028720+00:00