search

w3c / webpayments-crypto

Crypto discussions of the Web Payments Working Group
https://github.com/w3c/webpayments-crypto/wiki
Other
5 stars 7 forks source link

Should we allow keys or only certificates? #15

Open adrianhopebailie opened 6 years ago

adrianhopebailie commented 6 years ago

If we only allow certificates then we have a way to ensure that the key (in the certificate) comes from the merchant since the certificate would be required to have been issued to same origin that is making the payment request.

FYI: I don't think it is practical to use the actual TLS cert that the website is using to secure the connection

An argument against this is that it makes the barrier to using encryption higher as you need to be able to get certificates issued for your domain.

stpeter commented 6 years ago

Agreed that we might want to allow the use of keys (not only certificates) here.

As to the argument about barriers to using encryption, at this point any merchant running its site without TLS and without a proper domain certificate is irresponsible, and it doesn't make sense to introduce workarounds for such people (indeed, the Payment Request API requires a secure context).

mattsaxon commented 6 years ago

Allowing only certificates that come from the merchant origin prevents the merchants processor from supplying the key and therefore put the merchant in more difficulty with PCI compliance. Also from a trust point of view the shopper is sharing their card with the merchant rather than just the payment processor.

Enabling the pass-through of data was a key use case we were trying to enable.

However allowing certificates from other sources is a good idea. Allowing keys is a problem as anyone could have inserted that key into the payload.

adrianhopebailie commented 6 years ago

Enabling the pass-through of data was a key use case we were trying to enable.

Exactly. However, what if the processor issued a certificate per merchant specifically for this case? i.e. The subject of the cert is the merchant origin but the chain is to the processor and only the processor has the private keys.

Allowing keys is a problem as anyone could have inserted that key into the payload.

I guess this is the fundamental question. Is this a problem? The channel is assumed to be secure (TLS) so really all we are doing here is giving the merchant a way to remove themselves from scope and pass the card details around in unsecure (non-PCI compliant) systems.

Are those systems out of PCI scope if they generate the payment request and therefor provide the encryption key?