- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Fri, 10 Mar 2017 12:08:43 -0500
- To: Steve Sommers <steve@shift4.com>, Michiel de Jong <michiel@ripple.com>, Manu Sporny <msporny@digitalbazaar.com>
- Cc: Adrian Hope-Bailie <adrian@hopebailie.com>, Ian Jacobs <ij@w3.org>, Payments WG <public-payments-wg@w3.org>
On 03/10/2017 12:02 PM, Steve Sommers wrote: > Not meaning to be a stick in the mud but I’ve been monitoring this > thread from the shadows and this thread as well as a related thread > from Tommy about complexity and I was wondering if anyone else has > concerns about the complexity. I am a firm believer that the more > complex a process, the chances of vulnerabilities increase > exponentially -- this seems very complex. > > Has anyone stepped back and reevaluated the problem to see if there > is a simpler, less complex solution? Well, the less complex solution is getting this implemented directly in browsers. There may, of course, be a less complex way to write a polyfill; we've only just begun this discussion. But we should keep in mind that it's a polyfill -- so by it's nature it is isn't meant to last forever and is a degraded form of what browsers will eventually implement natively. -- Dave Longley CTO Digital Bazaar, Inc. http://digitalbazaar.com
Received on Friday, 10 March 2017 17:09:12 UTC