16:59:33 <RRSAgent> RRSAgent has joined #wpwg-spc
16:59:33 <RRSAgent> logging to https://www.w3.org/2022/01/31-wpwg-spc-irc
17:00:15 <Ian> Meeting: SPC Task Force
17:00:17 <Ian> Agenda: https://lists.w3.org/Archives/Public/public-payments-wg/2022Jan/0049.html
17:00:18 <Ian> Chair: Ian
17:00:20 <Ian> present+
17:00:23 <Ian> present+ John_Bradley
17:00:33 <Ian> regrets+ Praveena_Subrahmanyam
17:00:43 <Ian> agenda+ Proposal to address issue 125 (failed icon download)
17:00:52 <Ian> agenda+ New issue 172: Opt-out link enhancement
17:01:28 <Ian> present+ Nick_Burris
17:01:33 <DougF> DougF has joined #wpwg-spc
17:02:30 <Ian> present+ Doug_Fisher
17:03:50 <Ian> present+ Clinton_Allen
17:03:55 <Ian> present+ Stephen_McGruer
17:04:00 <Ian> present+ Sameer_Tare
17:04:18 <Ian> zakim, take up item 1
17:04:18 <Zakim> agendum 1 -- Proposal to address issue 125 (failed icon download) -- taken up [from Ian]
17:04:41 <Ian> -> https://github.com/w3c/secure-payment-confirmation/issues/125#issuecomment-1021196522 Proposal
17:05:04 <Ian> smcgruer_[EST]: Proposal is optional input to say "ok if it doesn't download"
17:05:59 <Rolf> Rolf has joined #wpwg-spc
17:06:04 <Ian> ..question of whether it's possible to remove a WebIDL field.
17:06:37 <Ian> John_Bradley: Some concerns about "removal"; zeroing may be more reliable behavior
17:06:48 <Ian> regrets+ Jean-Carlo
17:07:20 <Ian> Doug: What is the status of "placeholder" versus "removal"?
17:07:27 <Ian> ...I would prefer placeholder rather than no icon
17:07:36 <Ian> present+ Werner_Bruinings
17:07:42 <Ian> present+ Rolf_Lindemann
17:07:51 <SameerT> SameerT has joined #wpwg-spc
17:08:21 <Ian> Ian: What type of icon do you mean?
17:08:26 <Ian> Doug: Browser-based
17:08:33 <Ian> q?
17:09:08 <Ian> smcgruer_[EST]: I hear 2 things:
17:09:23 <Ian> a) Did the browser show something or literally nothing?
17:09:42 <Ian> b) If the browser shows something, it would be a PNG that shipped with the browser.
17:10:02 <Ian> Doug: From a validator POV, you'd always be able to verify that either the proper card art was shown, or a default logo for the browser was shown.
17:10:15 <Ian> John: The browser could also use a URL or URN here.
17:12:09 <Ian> IJ: Is there a difference from the perspective of the validator?
17:14:16 <Ian> q?
17:14:28 <Ian> JohN: The merchant can always tamper with the card art URL.
17:14:37 <Ian> ...you need to validate the assertion in all cases
17:15:42 <Ian> ....might make server side processing easier if there's always the same data type (e.g., a URL)
17:17:13 <Ian> Doug: I think the boolean would be useful for the validator.
17:17:15 <SameerT> q+
17:17:39 <Ian> Doug: Possibly from a UI perspective I would like to "not see something wrong" (e.g., missing card art)
17:17:51 <Ian> ...I would not want it to look different each time; would like to see a persistent backup.
17:17:53 <Ian> ack SameerT
17:19:40 <Ian> q+
17:20:36 <Rolf> q+
17:21:07 <Ian> John_Bradley: The question of "typing" might be why Stripe wanted the member removed rather than being empty; we should get their input.
17:21:16 <Ian> ack Rolf
17:21:19 <smcgruer_[EST]> q?
17:21:37 <Ian> Rolf: What is the clear statement of the problem?
17:21:53 <Ian> ...is the attack a dynamic URL? Bad icon?
17:22:24 <Ian> smcgruer_[EST]: The background to the original request for this functionality is that there are users of SPC who do not mind if the card art doesn't show.
17:22:46 <Ian> ...or e.g., CSP policy or other issues got in the way, and callers were ok with failure.
17:25:22 <Ian> Ian: I suggest decoupling data from UX. And saying UX could / should include generic card art
17:25:38 <Ian> John_Bradley: Yes, saying "show generic card art" or similar
17:25:47 <Ian> Ian: It's not necessarily cards.
17:25:56 <Ian> John_Bradley: Right, generic instrument icon
17:27:10 <smcgruer_[EST]> https://www.irccloud.com/pastebin/0Ov42m1s/
17:27:13 <Ian> John_Bradley: I think it's fair to say a generic instrument icon should be displayed when this error happens.
17:28:25 <Ian> smcgruer_[EST]: I think the PR is ready to go; please leave a comment on the PR.
17:28:52 <Ian> zakim, close item 1
17:28:52 <Zakim> I see a speaker queue remaining and respectfully decline to close this agendum, Ian
17:28:56 <Ian> zakim, take up item 2
17:28:56 <Zakim> agendum 2 -- New issue 172: Opt-out link enhancement -- taken up [from Ian]
17:29:03 <smcgruer_[EST]> q?
17:29:06 <smcgruer_[EST]> q- Ian
17:29:10 <Ian> -> https://github.com/w3c/secure-payment-confirmation/issues/172
17:29:31 <Ian> [Stephen summarizes 172]
17:29:59 <Ian> ....Stripe feels that some feature like this is necessary for them to use SPC
17:30:28 <Ian> John: What is diff between opt-out and cancel?
17:34:08 <SameerT> q+
17:35:54 <Ian> ack Sam
17:36:03 <Ian> Next meeting: 7 February
17:36:16 <Ian> RRSAGENT, make minutes
17:36:16 <RRSAgent> I have made the request to generate https://www.w3.org/2022/01/31-wpwg-spc-minutes.html Ian
17:36:22 <Ian> RRSAGENT, set logs public