the limits of crypto and authentication
Pat Farrell
pfarrell at pfarrell.com
Thu Jul 14 09:56:16 EDT 2005
On Wed, 2005-07-13 at 23:43 -0400, Rich Salz wrote:
> > I think that by eliminating the need for a merchant to learn
> > information about your identity ...
>
> Wasn't that a goal of SET?
As I recall, the goal of SET was to have a standard
that was not invented by CyberCash. (I may be biased, I
worked at CyberCash at the time).
Both SET and the CyberCash protocols did not allow the
merchant to have access to the purchasers's PAN/expry.
Everyone back then knew that since the PAN was considered
a secret, you couldn't be casual about passing it
around. And merchant fraud was a much more realistic
problem that capturing data on the fly.
CyberCash was forced to change the system to allow
the merchant to have access to the PAN so that
merchants could back out transactions for returns
or defects. The change was made in the field by
a support engineer before the security folks in
engineering had a chance to have a fit. I don't
remember why we accepted such a bad practice.
In all the discussion here, the thing that
strikes me is that we need to stop using secrets
as proof of anything. Seems that Chaum's
credentials without identities are a much better
approach, and I'd guess that his patents
are long expired.
Pat
--
Pat Farrell
http://www.pfarrell.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list