Re: [browser-payment-api] Any plan to allow this API to be called by non-merchants? (#35)

On 03/10/2016 01:21 PM, webpayments-specs wrote:
> @dlongley <https://github.com/dlongley>,
> 
> Other than verbiage that implies that merchants are the intended target
> for one end of this API, does the API preclude the use cases you have in
> mind?
> 
> I haven't thought about it deeply yet, but I don't see at first glance
> limitations on who can call the API.

If we don't plan for it, it's likely we'll end up building in
restrictions unwittingly -- just based on assumptions regarding its
current use.

The WPCG API allowed you to provide all of the necessary parameters for
performing a payment in a single object, potentially digitally-signed
object. Each specified supported payment method could also include
custom, extensible data. These features don't exist in the current
manifestation of the browser-payment-api -- and there's no way to
support push-based payments. The current API is strongly targeted at
being called by a merchant site that uses pull-based payment methods.

Now, there are some issue markers related to the above that are present
in the document. But I wanted to make clear that the answer is "Yes,
there are currently implicit limitations on who can call this API and
these will only continue to proliferate if we don't plan for more wide use."


-- 
Dave Longley
CTO
Digital Bazaar, Inc.


---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/35#issuecomment-194997587

Received on Thursday, 10 March 2016 18:48:38 UTC