Bank tokens through W3C WebCrypto. Follow-up on Strong authentication for banks. Follow-up on And then came U2F...Mozilla Persona, lessons learned

WebCrypto has been mentioned as a possible solution.

There is one little snag: using WebCrypto would require all banks to settle on exactly the same policy. Although that would be great, it is not very realistic.

One of the more fundamental policies which isn't supported by WebCrypto is off-line (physically distributed) credentials.
There have to date been three fundamentally different proposals for dealing with this issue:

- "SOP Exceptions" (Inventive Designers/Paygate)
- "The X.509 Domain Indicator" (NexusSafe)
- "The Virtual Bridge", AKA, "the ultra-de-lux-pigs-do-fly-extension" (Yours truly)

which have all been rejected by Google.

The other browser vendors haven't even bothered commenting on these proposals.

It appears that what's left is essentially U2F.

Anders

Received on Sunday, 16 February 2014 07:49:15 UTC