Re: [webpayments] What gets registered - apps, wallets, or payment instruments? (#28)

> Is there a problem with the merchant providing the payment data pre-trimmed for all payment applications they support?

Well, they'd probably need N signatures (one for each method) or some complex CL-Signature and trusted mapping information. In short, it could get very messy and frighten off developers.

Before even considering anything like that, I'd rather see the threat model for exposing all of the payment request data to the user's payment app of choice. What are the real dangers/concerns as concrete examples?

Reply to this email directly or view it on GitHub:

Received on Friday, 11 December 2015 17:06:07 UTC