Re: [w3c/webpayments-method-identifiers] feat: rewrite all the things (#35) from Domenic Denicola on 2017-04-28 (public-webpayments-specs@w3.org from April 2017)

From: Domenic Denicola <notifications@github.com>
Date: Fri, 28 Apr 2017 08:47:51 -0700
To: w3c/webpayments-method-identifiers <webpayments-method-identifiers@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments-method-identifiers/pull/35/review/35395174@github.com>

domenic commented on this pull request.



>          </p>
       </section>
     </section>
     <section>
       <h2>
+        Security consideration
+      </h2>
+      <p>
+        The URLs relied upon by this specification are only expected to be used
+        by APIs, or internally by the user agent. As such, there is no
+        expectation that URLs defined in this specification would ever be
+        rendered or passed around by end-users.

Won't end users end up seeing something like "Pay with https://android.google.com/pay"?

I'd be OK with removing it too.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-method-identifiers/pull/35#discussion_r113961131

Received on Friday, 28 April 2017 15:48:30 UTC