commit 0bc7dea7f6512ea2fb6225c078925ef194155c50
parent dfbff4f80c2356838526cc8da7feaa3ddf1e32a9
Author: Florian Dold <florian.dold@gmail.com>
Date: Tue, 28 Apr 2020 14:59:54 +0530
add clarification (based on Roman Danyliw's feedback)
Diffstat:
1 file changed, 5 insertions(+), 0 deletions(-)
diff --git a/standards/draft-dold-payto.xml b/standards/draft-dold-payto.xml
@@ -397,6 +397,11 @@ account specification, as it could give the user the illusion of being able
to identify the target account from the URI.
</t>
<t>
+The authentication/authorization mechanisms and transport security services
+used to process a payment encoded in a payto URI
+are handled by the application and are not in scope of this document.
+</t>
+<t>
To avoid unnecessary data collection, payment target types SHOULD NOT
include personally identifying information about the sender of a payment that is not
essential for an application to conduct a payment.
