The more I think about it, the more I lean towards following @jakearchibald's advice and ditch the Recommended Payment Apps, at least from the first version of the specification. Pros: - Simpler to specify - Simpler for the mediator to implement - Avoids security issues with showing untrusted elements in trusted browser UI - Lets merchants present recommendations in whichever way they desire Cons - More work for the merchants who want to implement app recommendations This con is not insignificant, but I think it can be remedied to some extent by providing really good examples and best practices that the implementers of merchant pages can make use of. At the end of the day, it could be that merchants will be more happy with this approach, as it gives them more control. If we choose to go in this direction, do we even need a Payment App Identifier for anything? Maybe we could just drop the whole concept. I don't think we really need a manifest file either. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments-payment-apps-api/issues/48#issuecomment-277214650
Received on Friday, 3 February 2017 10:29:17 UTC