Re: [webpayments] How do we protect certian data in the messages from certain parties in the flow as the use case requires? (#78)

From: ianbjacobs <notifications@github.com> Date: Wed, 03 Feb 2016 18:50:18 -0800 To: w3c/webpayments <webpayments@noreply.github.com> Message-ID: <w3c/webpayments/issues/78/179590034@github.com> · This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:14 UTC

Each spec should have a "security considerations" section. We could say in the security considerations section that:

 * Many applications will want to encrypt data. They should do so according to their needs.
 * W3C has a WebCrypto API for doing so interoperably:
   http://www.w3.org/TR/WebCryptoAPI/

So maybe that is "option 3, but with some pointers to relevant work such as WebCrypto API"

Ian

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/78#issuecomment-179590034