Re: [browser-payment-api] Spec should use [SecureContext] once that is defined in Web IDL (#22) from Manu Sporny on 2016-03-17 (public-webpayments-specs@w3.org from March 2016)

From: Manu Sporny <notifications@github.com>
Date: Thu, 17 Mar 2016 07:58:27 -0700
To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Message-ID: <w3c/browser-payment-api/issues/22/197919541@github.com>

> The current consensus seems to be "no".

@haavardmolland - Sorry, mistyped that - I meant, the current consensus seems to be "yes". Minor typo. :P

If you read the original issue, you'll see that I was also firmly in the "HTTPS-only" and Secure Context camp. The only "allow override" argument was coming from @mountielee, but I thought it important to point out that there was disagreement that we should discuss.

Security is hard, especially when you turn it off. :)


---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/22#issuecomment-197919541

Received on Thursday, 17 March 2016 14:59:02 UTC