Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure Payment Confirmation 2023-01-11 > 2023-02-01 #110

Closed
ianbjacobs opened this issue Jan 11, 2023 · 5 comments
Closed

Secure Payment Confirmation 2023-01-11 > 2023-02-01 #110

ianbjacobs opened this issue Jan 11, 2023 · 5 comments
Assignees
@samuelweiler
Labels
LC Working Draft approaching Candidate Recommendation REVIEW REQUESTED

Comments

@ianbjacobs
Copy link

ianbjacobs commented Jan 11, 2023
edited
Loading

In August 2022 the Web Payments Working Group requested pre-Candidate Recommendation horizontal review of Secure Payment Confirmation (SPC). All reviews led to satisfactory outcomes. Thank you for the privacy review and discussion: https://github.com//issues/101

Since then, the Web Payments Working Group has made or plans to make two non-editorial changes to the specification that we seek to include in the forthcoming Candidate Recommendation:

  • The addition of an opt-out feature, requested by developers to help satisfy GDPR requirements. For background, see issue 172 and the resulting changes to the specification. Experimentation with this feature has demonstrated its utility to at least one organization that has experimented with SPC.
  • The expected removal of a requirement that the user agent consume a user activation during authentication. For background, see issue 216, including the Chrome Team's security and privacy consideration notes. Although we have not yet updated the specification to remove the user activation requirement, we seek your review at this time. We would anticipate the actual change to the specification to be small (and it would include the security and privacy considerations).

Other comments:

Thank you!
@ianbjacobs ianbjacobs added LC Working Draft approaching Candidate Recommendation pending This issue needs to get a reviewer assigned to it REVIEW REQUESTED labels Jan 11, 2023
@ianbjacobs
Copy link
Author

Hi all,

I wanted to check to see whether you have this request on an upcoming agenda. Thank you,

Ian

@npdoty npdoty removed the pending This issue needs to get a reviewer assigned to it label Mar 17, 2023
@samuelweiler samuelweiler mentioned this issue Apr 5, 2023
Closed
@samuelweiler
Copy link
Contributor

@ianbjacobs It's on the agenda for this Thursday, April 6. What discussion has there been of w3c/secure-payment-confirmation#154 in the intervening months?

@ianbjacobs
Copy link
Author

Hi @samuelweiler,

We have not had conversations lately about w3c/secure-payment-confirmation#154.
It is my understanding that the CTAP WG at FIDO has agreed to add the special "cross-origin" bit, but I am not aware of a public draft that includes it. I think discussion within the WebAuthn WG would continue once the feature is defined in CTAP.

@pes10k
Copy link
Collaborator

pes10k commented Apr 6, 2023

linking this issue bc it came out of discussion on the PING call w3c/secure-payment-confirmation#237

(thank you @stephenmcgruer!)

@samuelweiler
Copy link
Contributor

Closing review request. New issue as above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@samuelweiler samuelweiler

Labels
LC Working Draft approaching Candidate Recommendation REVIEW REQUESTED
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@npdoty @pes10k @ianbjacobs @samuelweiler