W3C home > Mailing lists > Public > public-payments-wg@w3.org > March 2017

Re: Payment App spec implementations

From: Dave Longley <dlongley@digitalbazaar.com>
Date: Fri, 10 Mar 2017 12:08:43 -0500
To: Steve Sommers <steve@shift4.com>, Michiel de Jong <michiel@ripple.com>, Manu Sporny <msporny@digitalbazaar.com>
Cc: Adrian Hope-Bailie <adrian@hopebailie.com>, Ian Jacobs <ij@w3.org>, Payments WG <public-payments-wg@w3.org>
Message-ID: <5b3047c0-0e2b-f335-133d-dc471fcd776f@digitalbazaar.com>
On 03/10/2017 12:02 PM, Steve Sommers wrote:
> Not meaning to be a stick in the mud but I’ve been monitoring this
> thread from the shadows and this thread as well as a related thread
> from Tommy about complexity and I was wondering if anyone else has
> concerns about the complexity. I am a firm believer that the more
> complex a process, the chances of vulnerabilities increase
> exponentially -- this seems very complex.
> Has anyone stepped back and reevaluated the problem to see if there
> is a simpler, less complex solution?

Well, the less complex solution is getting this implemented directly in
browsers. There may, of course, be a less complex way to write a
polyfill; we've only just begun this discussion. But we should keep in
mind that it's a polyfill -- so by it's nature it is isn't meant to last
forever and is a degraded form of what browsers will eventually
implement natively.

Dave Longley
Digital Bazaar, Inc.
Received on Friday, 10 March 2017 17:09:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:24 UTC