- From: Adrian Bateman <adrianba@microsoft.com>
- Date: Mon, 11 Jul 2016 15:40:18 +0000
- To: Adrian Hope-Bailie <adrian@hopebailie.com>
- CC: Payments WG <public-payments-wg@w3.org>
> On Mon, Jul 11, 2016 at 10:43:17, Adrian Hope-Bailie wrote:
> I'm hearing:
>
> Let's not do this in v1, it may imply more security than is actually
> being provided and we haven't actually identified the threat properly to
> evaluate its value.
>
> Rather, let's work out a comprehensive solution for v2 that fully
> mitigates a MiM threat

I don't see a rush to do more in v1 unless we discover something that makes implementations more vulnerable than current sites. I think the encryption can be used for a functional scenario, but I'm worried about saying it increases security without saying against what threat.

More broadly, though, I've heard several people mention MITM attacks, but I haven't yet understood who the attacker is and what they are attacking. It seems like some people are trying to mitigate against users changing the payment request. Others against malicious client-side code. Others against network listeners. We need to enumerate the threats, understand the vulnerabilities, and address them with appropriate mitigations.

Today, I believe we have equivalent security to typical online checkout forms, but if someone has a scenario that shows that isn't true then we need to review it.

Ade.
Received on Monday, 11 July 2016 15:40:51 UTC