Secure Payment Confirmation 2021-08-31

[ianbjacobs]

We prefers groups to run a self-review around the time of FPWD. See https://w3ctag.github.io/security-questionnaire/.

If you still want us to review your spec, please provide the information below.

In the issue title above add the document name followed by the date of this request.

• name of spec to be reviewed: Secure Payment Confirmation
• URL of spec: https://w3c.github.io/secure-payment-confirmation/
• Does your document have an in-line Security Considerations section, separate from Privacy Considerations? If not, corrrect that before proceeding further.

https://w3c.github.io/secure-payment-confirmation/#sctn-security-considerations

• Do you need a reply by a particular date? No

• Please point to the results of your own self-review (see https://w3ctag.github.io/security-questionnaire/)

https://github.com/w3c/secure-payment-confirmation/blob/main/security-privacy-questionnaire.md

• Where and how to file issues arising?

https://github.com/w3c/secure-payment-confirmation/issues

• Pointer to any explainer for the spec?

https://github.com/w3c/secure-payment-confirmation/blob/main/explainer.md

Other comments:

Thank you! :)

[ianbjacobs]

Hi security folks; there has been no action on this issue at all. What is needed to cause a review to happen?

cc @wseltzer, @samuelweiler

[ianbjacobs]

Just a note: we are planning to advance to Candidate Recommendation mid-September 2022.

[samuelweiler]

I'm fine with punting the one open issue https://github.com/w3c/security-review/issues/120 to after-v1.