Re: [w3c/webpayments] Finer points of integration with Web App Manifest (#225) from Matt Giuca on 2017-03-29 (public-payments-wg@w3.org from March 2017)

From: Matt Giuca <notifications@github.com>
Date: Tue, 28 Mar 2017 19:10:38 -0700
To: w3c/webpayments <webpayments@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments/issues/225/289960662@github.com>

Some thoughts:

> The spec allows proprietary fields by vendor-prefixing them.

That isn't quite the same as prefixing with the platform (e.g., "play"). It would suggest that we have to add `chrome_sha256_cert_fingerprints`, `webkit_sha256_cert_fingerprints`, `moz_sha256_cert_fingerprints`, etc. At some level, I think it should be possible to have a standard way to refer to an Android app (though probably not in a web standard, maybe in the Android documentation), and that should have a standard prefix like "play" -- NOT a vendor prefix.

Chrome's policy for several years (since the Blink fork) has been no vendor prefixes, so we certainly wouldn't add "chrome_", "blink_" or "webkit_" attributes to the manifest.

If the prefix is "play_" then it calls into question why have a prefix at all... since we are scoped to the "related_applications" dict, and "platform" is "play", there isn't going to be a naming clash between proprietary fields of different platforms within this dict. ALL proprietary fields will belong to "play" by definition. The only chance for a clash is if we (at the web standard level) wanted to add a new field, that might clash with a proprietary field that's been added. My suggestion of a "meta" field would eliminate that. Otherwise, we could introduce a standard prefix for proprietary metadata, like "meta_" or "x_" (to borrow from HTTP). So, for example:

```json
{
  "related_applications": [
      {
        "platform": "play",
        "url": "https://play.google.com/store/apps/details?id=com.example.app1",
        "id": "com.example.app1",
        "meta": {
          "version": "...",
          "sha256_cert_fingerprints": "..."
        }
      }]
 }
```

or

```json
{
  "related_applications": [
      {
        "platform": "play",
        "url": "https://play.google.com/store/apps/details?id=com.example.app1",
        "id": "com.example.app1",
        "x_version": "...",
        "x_sha256_cert_fingerprints": "..."
      }]
 }
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/225#issuecomment-289960662

Received on Wednesday, 29 March 2017 02:11:19 UTC