[w3c/webpayments-methods-tokenization] Details about encryption expectations lacking (#30) from ianbjacobs on 2018-01-26 (public-webpayments-specs@w3.org from January 2018)

From: ianbjacobs <notifications@github.com>
Date: Fri, 26 Jan 2018 19:53:28 +0000 (UTC)
To: w3c/webpayments-methods-tokenization <webpayments-methods-tokenization@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments-methods-tokenization/issues/30@github.com>

Creating an individual issue from the list in #26 in reference to:
  https://github.com/w3c/webpayments-methods-tokenization/wiki/Tokenized-Card

"With respect to "Tokenized payment credentials MUST be encrypted.:  this doesn't tell the reader (and especially the implementer) very much. Encrypted between which parties? Encrypted using what
technologies? Is forward secrecy required? Is this transport security only (e.g., TLS) or also end-to-end object encryption? Etc."


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-methods-tokenization/issues/30

Received on Friday, 26 January 2018 19:53:54 UTC