- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sun, 20 Sep 2015 11:10:45 +0200
- To: Web Payments CG <public-webpayments@w3.org>, "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>
Some recent findings which may be of interest... The only time you are forced to use a specific message format is when you are dealing with end-to-end security since an XML-signature cannot be converted to a JSON signature to take an example. But ISO doesn't define security at this level AFAIK. Another reason why ISO-formatted messages [probably] are out of scope is that for existing "pipes" it is enough to know (and provide) the right information bits. So if a Web Payment system defines card numbers in JSON as "cardNumber":"111122223333444", this property only have to be converted to its ISO binary counterpart at the payment provider (who probably supplies a nice API for that purpose to not burden their customers with difficult formatting issues). For the possible inclusion of new "pipes", we are most likely talking about end-to-end security solutions and these can use any suitable format although we probably want to stick to JSON. WDYT? Anders
Received on Sunday, 20 September 2015 09:11:18 UTC