W3C home > Mailing lists > Public > public-payments-wg@w3.org > December 2015

Re: [webpayments] How are payment messages trusted? (#19)

From: Manu Sporny <notifications@github.com>
Date: Wed, 02 Dec 2015 19:32:00 -0800
To: w3c/webpayments <webpayments@noreply.github.com>
Message-ID: <w3c/webpayments/issues/19/161505719@github.com>
> the SCAI approach was:
> * to avoid any tampering of the data by digital signing
> * to enable some data could be hidden from the merchant (or from any other actor) (tunnelling)

Yes, but I expect that not everyone feels that digital signatures are absolutely necessary and there may be others that don't believe that in-message encryption is necessary.

I'm merely raising the point that both will most likely be necessary, if not for phase I, for later phases and we should keep this in mind as we do the design work.

Reply to this email directly or view it on GitHub:
Received on Thursday, 3 December 2015 03:32:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:12 UTC