- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sun, 13 Sep 2015 07:11:31 +0200
- To: "www-tag@w3.org" <www-tag@w3.org>
- Cc: Wendy Seltzer <wseltzer@w3.org>, Tim Berners-Lee <timbl@w3.org>
The idea that SOP is the only viable security model on the Web is to 99% the reason to why we after 20 years with card payments on the Web still use methods which (unlike the stated problems <keygen>) have proved any number of times to be neither Secure, Convenient, nor Distributable. That Android Pay and Apple Pay haven't made to the Web comes to no surprise. That these guys (http://www.w3.org/Payments/IG/) after 1 year of operation still haven't taken on the SOP issue is yet another indication that there's an imminent need bringing this debate out in the open. This seems like a very suitable topic for a Technical Architecture Group! It doesn't have to be a dirty flame-war :-) Cheers, Anders
Received on Sunday, 13 September 2015 05:12:07 UTC