Secure Element API for Payments

It has been said that the rationale for having a 7816-interface on the web
is for supporting payments. I wouldn't be too concerned with that:

https://newsroom.mastercard.com/press-releases/mastercard-visa-and-american-express-propose-new-global-standard-to-make-online-and-mobile-shopping-simpler-and-safer

"Once a standard is agreed to and implemented, issuers, merchants
 or digital wallet providers would be able to request a token so that
 when an account holder initiates an online or mobile transaction,
 the token – and not the traditional card account number"

My interpretation of the above is that the payment giants are proposing a high(er)
level interface which probably can be realized using WebCrypto, U2F, SKS and friends.

If this is correct it means that SE support needs to be integrated in the platform
(or wallet), which I think has major usability, interoperability and security
advantages over the current approach, which seems to be based on the idea that
web-apps are talking directly to the SE and thus bypassing the whole platform issue.

Since there are many and to date generally unknown issues around direct Web-2-SE
communication without having the platform + user as mediator, this path is really
only suited for true dare-devils.  I prefer remaining a coward :-)

Cheers,
Anders

Received on Tuesday, 21 January 2014 04:39:13 UTC