- From: Anders Rundgren <notifications@github.com>
- Date: Sat, 12 Mar 2016 11:22:34 -0800
- To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Received on Saturday, 12 March 2016 19:23:44 UTC
Applying signatures is technically simple. However there are things that are not equally simple like: - distribution of signatures keys (if the client is supposed to sign) - distribution of trust anchors (if the client is going to trust the originator) - defining whom is trusting whom and for what As far as I understand client signature key distribution is a part of enrollment in schemes like Apple Pay. @burdges It was cool to see that you use a JSON parser/serializer that *preserves* the order of properties because this (and some more) is what I have been advocating as a prerequisite for "financial messaging". IETF's JOSE appears more suited for token signing which also it is heritage. https://cyberphone.github.io/openkeystore/resources/docs/jsonsignatures.html --- Reply to this email directly or view it on GitHub: https://github.com/w3c/browser-payment-api/issues/31#issuecomment-195794136
Received on Saturday, 12 March 2016 19:23:44 UTC