Re: [webpayments] PROPOSAL: The Web Payments browser API should not support the collection of shipping information through API calls (#63) from Mike West on 2016-01-22 (public-payments-wg@w3.org from January 2016)

From: Mike West <notifications@github.com>
Date: Fri, 22 Jan 2016 09:46:35 -0800
To: w3c/webpayments <webpayments@noreply.github.com>
Message-ID: <w3c/webpayments/issues/63/173990165@github.com>

Hi, @msporny. I do indeed remember our conversations. :)

The `credential` types actually defined in the WebAppSec document do, in fact, boil down to "sign-in" stuff. https://w3c.github.io/webappsec-credential-management/ defines those types in terms of a number of extension points that folks like yourself can use in a number of ways to implement a number of things. The FIDO submission, for instance, is starting to explore areas beyond the boundaries of the spec we're working on in WebAppSec, and I do expect to see more of those kinds of concrete proposals in the future.

My point here is simply that WebAppSec's work in this area is fairly narrowly scoped by our charter to "assist[ing] users in managing the complexities of secure passwords" (which might not be "the" point, but is certainly "a" point). If this group agrees that the best way to make shipping addresses available is via the `navigator.credentials` API, I'd suggest putting together a concrete proposal, and pitching it to developers and implementers. I'd certainly be interested in reading through it.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/63#issuecomment-173990165

Received on Friday, 22 January 2016 17:47:06 UTC