On Tue, Mar 22, 2022 at 11:34 AM Joe Medley <[email protected]> wrote:
> When are you planning to ship this? > We plan to enable these changes in M102. > Joe Medley | Technical Writer, Chrome DevRel | [email protected] | > 816-678-7195 > *If an API's not documented it doesn't exist.* > > > On Wed, Mar 16, 2022 at 6:19 AM Mike West <[email protected]> wrote: > >> LGTM3. >> >> On Wednesday, March 16, 2022 at 11:08:29 AM UTC+1 Yoav Weiss wrote: >> >>> LGTM2 >>> >>> On Tue, Mar 15, 2022 at 9:52 PM Mike Taylor <[email protected]> >>> wrote: >>> >>>> On 3/15/22 4:42 PM, Nick Burris wrote: >>>> >>>> On Tue, Mar 15, 2022 at 4:52 PM Mike Taylor <[email protected]> >>>> wrote: >>>> >>>>> On 3/9/22 10:27 AM, Nick Burris wrote: >>>>> >>>>> Contact emails >>>>> >>>>> [email protected], [email protected], [email protected], >>>>> [email protected] >>>>> >>>>> Explainer >>>>> >>>>> >>>>> https://github.com/w3c/secure-payment-confirmation/blob/main/explainer.md >>>>> >>>>> Specification >>>>> >>>>> https://w3c.github.io/secure-payment-confirmation/ >>>>> >>>>> Design docs >>>>> >>>>> N/A >>>>> >>>>> Summary >>>>> >>>>> Three changes to the Secure Payment Confirmation API, implemented and >>>>> flagged as “V3” of the API. >>>>> >>>>> - >>>>> >>>>> Add Relying Party ID as a required input (issue >>>>> <https://github.com/w3c/secure-payment-confirmation/issues/164>). >>>>> This is a breaking change, see issue and compatibility section. >>>>> - >>>>> >>>>> Add an optional boolean to allow failed instrument icon download ( >>>>> issue >>>>> <https://github.com/w3c/secure-payment-confirmation/issues/125>). >>>>> - >>>>> >>>>> Add payeeName as an optional input (issue >>>>> <https://github.com/w3c/secure-payment-confirmation/issues/163>). >>>>> >>>>> >>>>> Original feature summary: Secure payment confirmation augments the >>>>> payment authentication experience on the web with the help of WebAuthn. >>>>> The >>>>> feature adds a new 'payment' extension to WebAuthn, which allows a relying >>>>> party such as a bank to create a PublicKeyCredential that can be queried >>>>> by >>>>> any merchant origin as part of an online checkout via the Payment Request >>>>> API using the 'secure-payment-confirmation' payment method. >>>>> >>>>> Blink component >>>>> >>>>> Blink>Payments >>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments> >>>>> >>>>> TAG review >>>>> >>>>> https://github.com/w3ctag/design-reviews/issues/675 >>>>> >>>>> TAG review status >>>>> >>>>> Closed (Resolution: satisfied) >>>>> >>>>> Interoperability and Compatibility >>>>> >>>>> One of the API changes, the relying party ID input, is a breaking >>>>> change as it is a new required field. We are confident in this change as >>>>> the feature is relatively new and has little usage, and we have discussed >>>>> these changes with the external partners who are using the feature. >>>>> Adapting to the change is also forwards-compatible, in that partners can >>>>> add the new input today without breaking their code, and then it will >>>>> just continue working after this ships. >>>>> >>>>> How confident are y'all that all SPC users will be aware of this >>>>> breaking change? Do we have UKM? >>>>> >>>> Our metrics show that SPC currently has near zero usage, so we are >>>> confident that there's at least no deployed usage of the feature that this >>>> will break. We are in contact with multiple partners working on products >>>> using SPC who are aware of the change. If it does break something that's in >>>> development that we're not aware of, the error message indicates >>>> what's missing, and such a developer would likely know where to get the >>>> latest info on SPC (the github repo, blink-dev) or can at least find us. :) >>>> >>>> Thanks Nick, that sounds reasonable. If you do hear back from sites who >>>> were broken by this, it may be useful to update the thread so we can learn >>>> from the experience. >>>> >>>> LGTM1. >>>> >>>> >>>>> >>>>> Gecko: No signal ( >>>>> https://github.com/mozilla/standards-positions/issues/570) >>>>> Historically (>1 year old) positive signal from informal conversation in >>>>> W3C Payment Handler meetings. However Firefox have since not been involved >>>>> in the API development. >>>>> >>>>> WebKit: No signal ( >>>>> https://lists.webkit.org/pipermail/webkit-dev/2021-August/031956.html) >>>>> >>>>> Web developers: Positive ( >>>>> https://lists.w3.org/Archives/Public/public-payments-wg/2021Aug/0005.html) >>>>> Support and involvement in API development from multiple web developers >>>>> and >>>>> payment industry partners. Both Stripe and AirBnB have publicly stated >>>>> that >>>>> they have either completed or are in the process of >>>>> prototyping/experimenting with SPC >>>>> >>>>> >>>>> >>>>> Debuggability >>>>> >>>>> Existing devtools debugging features should cover SPC (e.g. >>>>> breakpoints, console, etc) >>>>> >>>>> Is this feature fully tested by web-platform-tests >>>>> <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md> >>>>> ? >>>>> >>>>> Yes, coverage for the new input fields will be added to the existing >>>>> test suite: >>>>> >>>>> >>>>> https://wpt.fyi/results/secure-payment-confirmation?label=master&label=experimental&aligned >>>>> >>>>> Flag name >>>>> >>>>> SecurePaymentConfirmationAPIV3 >>>>> >>>>> Requires code in //chrome? >>>>> >>>>> Yes: minor changes to the chrome UI code, to possibly display a >>>>> placeholder card icon when the new ‘iconMustBeShown’ option is false, and >>>>> to render the optional payeeName alongside or instead of the payeeOrigin. >>>>> >>>>> Tracking bug >>>>> >>>>> API V3 bug: https://crbug.com/1298505 >>>>> >>>>> Original feature bug: https://crbug.com/1124927 >>>>> >>>>> Launch bug >>>>> >>>>> Original SPC launch bug: >>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1236570 >>>>> >>>>> We believe this is a small enough change to an existing feature that >>>>> it doesn’t require its own launch bug. >>>>> >>>>> Link to entry on the Chrome Platform Status >>>>> >>>>> https://chromestatus.com/feature/5675682238562304 >>>>> >>>>> Links to previous Intent discussions >>>>> >>>>> Intent to Prototype v1: >>>>> https://groups.google.com/a/chromium.org/d/topic/blink-dev/myUR5gyd5Js/discussion >>>>> >>>>> Intent to Experiment v2: >>>>> https://groups.google.com/a/chromium.org/g/blink-dev/c/6Dd00NJ-td8 >>>>> >>>>> Intent to Ship v2: >>>>> https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/U5K69fbA6SU >>>>> >>>>> >>>>> This intent message was generated by Chrome Platform Status >>>>> <https://chromestatus.com/>. >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADvKJHOGtvDnZxVCyDOFWPJuvCu5L9BdAjgoLH-rKF_zYsyOqg%40mail.gmail.com >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADvKJHOGtvDnZxVCyDOFWPJuvCu5L9BdAjgoLH-rKF_zYsyOqg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>>> >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "blink-dev" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> >>> To view this discussion on the web visit >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/cf5e7586-ccb9-8cc8-1601-5e21f9fa8417%40chromium.org >>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/cf5e7586-ccb9-8cc8-1601-5e21f9fa8417%40chromium.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9c2c0f12-8d18-4b67-bdba-9ee610150be0n%40chromium.org >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9c2c0f12-8d18-4b67-bdba-9ee610150be0n%40chromium.org?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADvKJHP_Hf%2BZHSSGt5tj0NgGtowtXcxbyuVN0kaxtZUPSL2SjQ%40mail.gmail.com.
