Re: [webpayments] How are payment messages trusted? (#19)

> the SCAI approach was:
> * to avoid any tampering of the data by digital signing
> * to enable some data could be hidden from the merchant (or from any other actor) (tunnelling)

Yes, but I expect that not everyone feels that digital signatures are absolutely necessary and there may be others that don't believe that in-message encryption is necessary.

I'm merely raising the point that both will most likely be necessary, if not for phase I, for later phases and we should keep this in mind as we do the design work.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/19#issuecomment-161505719

Received on Thursday, 3 December 2015 03:32:54 UTC