Re: [w3ctag/design-reviews] Secure Payment Confirmation - Part 2 (#675) from Hadley Beeman on 2021-12-08 (public-webapps-github@w3.org from December 2021)

From: Hadley Beeman <notifications@github.com>
Date: Wed, 08 Dec 2021 09:39:36 -0800
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/675/989028900@github.com>

Hi, @ianbjacobs and @stephenmcgruer. We (@rhiaro, @kenchris and I) are looking at this in our [W3CTAG face-to-face](https://github.com/w3ctag/meetings/tree/gh-pages/2021/12-Madripoor). We are scrambling to follow the information flows in the explainer (perhaps a diagram would be a clear way to communicate this?), and to see how this works from a user's perspective (especially the registration process). Would it be possible to address those in the explainer? 

Also, it seems like the explainer assumes a strong familiarity with webauthn, which seems complicated in light of [the ongoing work with them](https://github.com/w3c/webauthn/issues/1667). It would help us a lot if you explain in plain English how you see those working together, again especially from the user's perspective. 

And finally, for our notes: we are reassured to see how much you're focused on privacy, based on the issues in your repo and the thorough Security and Privacy questionnaire responses. That's important in this area and we're pleased to see how much emphasis you are giving to it.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/675#issuecomment-989028900

Received on Wednesday, 8 December 2021 17:39:49 UTC