- From: Ade Bateman <notifications@github.com>
- Date: Wed, 09 Dec 2015 11:50:24 -0800
- To: WICG/paymentrequest <paymentrequest@noreply.github.com>
Received on Wednesday, 9 December 2015 19:50:55 UTC
This is a broad issue that covers several aspects of the Payment Request system: * It covers security considerations about when and how the API can be consumed * Is the API only available in a secure context? This is covered in issue #29. * Is the API only available in a top-level browsing context? This is covered in issue #30. * It covers the integrity of the PaymentResponse data that is returned by the payment method. There are options here for signing and encrypting some data but we think this is the domain of the specific payment method and we don't plan to make this a requirement for all methods (for example, returning simple card information including PAN and expiry won't have a need for signing/encryption). Closing this broad issue now. We should open new issues for specific problems and continue the discussion about top-level browsing context in issue #30. --- Reply to this email directly or view it on GitHub: https://github.com/WICG/paymentrequest/issues/9#issuecomment-163371082
Received on Wednesday, 9 December 2015 19:50:55 UTC