- From: Matt Giuca <notifications@github.com>
- Date: Thu, 30 Mar 2017 00:11:31 -0700
- To: w3c/webpayments <webpayments@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 30 March 2017 07:12:35 UTC
Auth should definitely be taken care of in a way that is out of scope here. (i.e., you should not rely on Android package signing for payment auth). However, I still think there is merit to being able to verify that the Android app you are talking to is the one that was signed by the right person. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/issues/225#issuecomment-290322554
Received on Thursday, 30 March 2017 07:12:35 UTC