---
title: "{Network}" Payment Method for HTTP Payment Authentication
abbrev: "{Network}" Payment Method
docname: draft-{network}-payment-method-00
version: 00
category: info
ipr: noModificationTrust200902
submissiontype: IETF
consensus: true
author:
- name: Your Name
ins: Y. Name
email: you@example.com
org: Your Organization
---
This document defines the "{network}" payment method for use with the Payment HTTP Authentication Scheme [I-D.httpauth-payment]. It specifies how clients and servers exchange payments using [Network Name]'s payment infrastructure.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.
- Introduction
- Requirements Language
- Terminology
- Method Identifier
- Supported Intents
- Intent: "charge"
- Intent: "authorize"
- Intent: "subscription"
- Verification Procedure
- Settlement Procedure
- Security Considerations
- IANA Considerations
- References
- Appendix A: Examples
- Authors' Addresses
[Describe the payment network/infrastructure this method uses]
This specification supports the following intents:
- charge: [How this method implements one-time payments]
- authorize: [How this method implements pre-authorization] (optional)
- subscription: [How this method implements recurring payments] (optional)
Client Server
│ │
│ (1) GET /resource │
├────────────────────────────────────────────────>│
│ │
│ (2) 402 Payment Required │
│ WWW-Authenticate: Payment method="{network}"
│<────────────────────────────────────────────────┤
│ │
│ (3) [Method-specific payment process] │
│ │
│ (4) GET /resource │
│ Authorization: Payment <credential> │
├────────────────────────────────────────────────>│
│ │
│ (5) [Server verifies/settles] │
│ │
│ (6) 200 OK │
│ Payment-Receipt: <receipt> │
│<────────────────────────────────────────────────┤
This document is a payment method specification as defined in Section 9.1
of [I-D.httpauth-payment]. It defines the request and payload
structures for the "{network}" payment method.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
[Term 1] : Definition of term 1
[Term 2] : Definition of term 2
[Term 3] : Definition of term 3
This specification registers the following payment method identifier:
{network}
The identifier is case-sensitive and MUST be lowercase.
This method supports the following intents:
| Intent | Support | Reference |
|---|---|---|
charge |
REQUIRED | Section 6 |
authorize |
OPTIONAL | Section 7 |
subscription |
OPTIONAL | Section 8 |
For intent="charge", the request parameter contains:
| Field | Type | Required | Description |
|---|---|---|---|
amount |
string | REQUIRED | Amount in [units] |
asset |
string | REQUIRED | Asset identifier |
recipient |
string | REQUIRED | Recipient address/identifier |
expires |
string | REQUIRED | Expiry timestamp |
Example:
{
"amount": "1000000",
"asset": "USD",
"recipient": "acct_123",
"expires": "2025-01-15T12:05:00Z"
}| Field | Type | Required | Description |
|---|---|---|---|
type |
string | REQUIRED | Payload type identifier |
proof |
string | REQUIRED | Method-specific proof |
Example:
{
"type": "transaction",
"proof": "0xabc123..."
}To verify a "charge" credential:
- [Step 1]
- [Step 2]
- [Step 3]
[Describe how payment is finalized for charge]
[If your method supports authorize, describe it here. Otherwise, remove this section.]
[Define request schema for authorize]
[Define payload schema for authorize]
[Describe verification for authorize]
[Describe how the server charges against the authorization later]
[If your method supports subscription, describe it here. Otherwise, remove this section.]
[Define request schema for subscription]
[Define payload schema for subscription]
[Describe verification for subscription]
[Describe how recurring charges work]
[General verification procedure applicable to all intents]
Servers MUST:
- Verify the
idmatches an outstanding challenge - Verify the challenge has not expired
- [Method-specific verification steps]
[Describe how payment settlement works]
[Immediate vs deferred settlement]
[When is payment considered final?]
[What happens if settlement fails?]
All communication MUST use TLS 1.2 or higher. [Method] credentials MUST only be transmitted over HTTPS connections.
[Describe credential handling requirements]
[Describe replay protection mechanism]
[Describe threat and mitigation]
[Describe threat and mitigation]
This specification registers the "{network}" payment method in the Payment Method Registry per Section 12.3 of [I-D.httpauth-payment]:
| Field | Value |
|---|---|
| Method Identifier | {network} |
| Description | [Brief description] |
| Reference | This document |
| Contact | [Contact info] |
-
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
-
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, May 2017.
-
[I-D.httpauth-payment] Moxey, J., "The 'Payment' HTTP Authentication Scheme", draft-httpauth-payment-00.
-
[I-D.payment-intent-charge] Moxey, J., "'charge' Intent for HTTP Payment Authentication", draft-payment-intent-charge-00.
[Add network-specific references: API docs, protocol specs, etc.]
Challenge:
HTTP/1.1 402 Payment Required
WWW-Authenticate: Payment id="abc123",
realm="api.example.com",
method="{network}",
intent="charge",
request="[base64url-encoded request]"Credential:
GET /resource HTTP/1.1
Host: api.example.com
Authorization: Payment [base64url-encoded credential]Response:
HTTP/1.1 200 OK
Payment-Receipt: [base64url-encoded receipt][Add more examples as needed]
Your Name Your Organization Email: you@example.com