SSL, client certs, and MITM (was WYTM?)

[Peter Gutmann]

daw at mozart.cs.berkeley.edu (David Wagner) writes:

>When I establish a credit card with Visa, I generate a new client certificate
>for this purpose and register it with www.visa.com.  When I want to buy a
>fancy hat from www.amazon.com, Amazon re-directs me to
>https://ssl.visa.com/buy.cgi?payto=amazon&amount=$29.99&item=hat My web
>browser opens a SSL channel to Visa's web server, authenticating my presence
>using my client cert.  Visa presents me a description of the item Amazon
>claims I want to buy, and asks me to confirm the request over that
>authenticated channel.  If I confirm it, Visa forwards payment to Amazon and
>debits my account.  Visa can tell whose account to debit by looking at the
>mapping between my client certs and account numbers.  If Amazon wants to
>coordinate, it can establish a separate secure channel with Visa. (Key
>management for vendors is probably easier than for customers.)
>
>Does this work?

In theory, yes.  See "SET" :-).  It runs into a lot of the problems that SET
ran into as well, e.g. that half the merchants use the CC# (technically the
PAN) as the primary key for all their accounts so they want to process
everything themselves (the SET specs were changed at one point to make the PAN
visible to the merchant so they could continue this practice, completely
defeating one of the main benefits of the scheme), that no-one wants to pay to
build that sort of infrastructure, that [insert standard SET lament with
backing violins].

So in theory, yes, it would work.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com