Re: [w3c/webpayments-crypto] Should we allow keys or only certificates? (#15)

> Enabling the pass-through of data was a key use case we were trying to enable.

Exactly. However, what if the processor issued a certificate per merchant specifically for this case? I.e., the subject of the cert is the merchant origin but the chain is to the processor and only the processor has the private keys.

> Allowing keys is a problem as anyone could have inserted that key into the payload.

I guess this is the fundamental question. Is this a problem? The channel is assumed to be secure (TLS) so really all we are doing here is giving the merchant a way to remove themselves from scope and pass the card details around in unsecure (non-PCI compliant) systems.

Are those systems out of PCI scope if they generate the payment request and therefore provide the encryption key?

-- 
https://github.com/w3c/webpayments-crypto/issues/15#issuecomment-394611001

Received on Tuesday, 5 June 2018 07:34:10 UTC