Next transition is to Candidate Recommendation, expected mid-September 2022.
What has changed since any previous review?
I believe the most recent PING review (leading to issues) of the specification was around October 2021. Our most recent joint
discussion of issues took place on 4 May 2022:
https://www.w3.org/2022/05/04-wpwg-minutes.html#t02
(Sorry, in addition to showing a diff for the source file (spec.bs) that diff shows other files as well that are not relevant here.)
Does your document have an in-line Privacy Considerations section, ideally one separate from the Security Considerations? If not, corrrect that before proceeding further.
There is one remaining open issue (#154 [1]) from previous PING review. Given the current SPC design, it is not likely that the SPC specification itself will have anything to say on this topic. We have left the issue open as part of our ongoing discussion
with the Web Authentication Working Group, but I do not anticipate that we will make changes to version 1 of SPC related to this
topic before requesting to advance to Candidate Recommendation.
In the issue title above add the document name followed by the date of this request, then the date of your proposed deadline for comments.
name of spec to be reviewed: Secure Payment Confirmation
URL of spec: [This must be a dated version in the TR namespace, not an editor's draft.] https://www.w3.org/TR/2022/WD-secure-payment-confirmation-20220810/
What and when is your next expected transition?
Next transition is to Candidate Recommendation, expected mid-September 2022.
I believe the most recent PING review (leading to issues) of the specification was around October 2021. Our most recent joint discussion of issues took place on 4 May 2022: https://www.w3.org/2022/05/04-wpwg-minutes.html#t02
Here are the list of changes to the specification since the original October 2021 PING review: https://github.com/w3c/secure-payment-confirmation/compare/8c18586..7204dc0d#diff-6f5a1d8263b0b0c42e2716ba5750e3652e359532647ac934c1c70086ae3cedda
(Sorry, in addition to showing a diff for the source file (spec.bs) that diff shows other files as well that are not relevant here.)
Yes: https://www.w3.org/TR/2022/WD-secure-payment-confirmation-20220810/#sctn-privacy-considerations
https://github.com/w3c/secure-payment-confirmation/blob/main/security-privacy-questionnaire.md
Where and how to file issues arising? https://github.com/w3c/secure-payment-confirmation/issues
Pointer to any explainer for the spec? https://github.com/w3c/secure-payment-confirmation/blob/main/explainer.md
Other comments:
There is one remaining open issue (#154 [1]) from previous PING review. Given the current SPC design, it is not likely that the SPC specification itself will have anything to say on this topic. We have left the issue open as part of our ongoing discussion with the Web Authentication Working Group, but I do not anticipate that we will make changes to version 1 of SPC related to this topic before requesting to advance to Candidate Recommendation.
[1] https://github.com/w3c/secure-payment-confirmation/issues/154