It seems to me this conversation is probably premature. We can't make good choices regarding solutions until we have a good handle on the problem space. Personally, I don't yet understand what problem the signatures spec at https://github.com/w3c/webpayments-crypto/wiki/Signatures is trying to solve, who the actors are (i.e. sender and recipient of the signed data), why we wouldn't encrypt and sign this data instead of merely sign it but send it in the clear, etc. Am I missing something obvious?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-crypto/issues/5#issuecomment-366057973