At 05:08 PM 10/22/2003 -0400, Tom Otvos wrote:

The CC number is clearly not hidden if there is a MITM. I think the "I got my money so who cares
where it came from" argument is not entirely a fair representation. Someone ends up paying for
abuses, even if it is us in CC fees, otherwise why bother encrypting at all? But that is besides
the point.

the statement was SSL domain name certificate is

1) am i really talking to who I think I'm talking to
2) encrypted channel

obviously #1 addresses MITM (am i really talking to who I think I'm talking to).

The issue for CC is that it really is a "shjared secret" and is extremely vulnerable ... as I've commented before

1) CC needs to be in the clear in a dozen or so business processes
2) much simpler to harvest a whole merchant file with possibly millions of CC numbers in about the same effort to evesdrop one off the net (even if there was no SSL) return on investment .... for approx. same amount of effort get one CC number or get millions
3) all the instances in the press are in fact involved with harvesting large files of numbers ... not one or two at a time off the wire
4) burying the earth in miles of crypto still wouldn't eliminate the current shared-secret CC problem

slightly related .... security proportional to risk:

so the requirement given the X9 financial standards working group X9A10

was to preserve the integrity of the financial infrastructure for all electronic retail payment (regardless of kind, origin, method, etc). The result was X9.59 standard

which effectively defines a digitally signed, authenticated transaction .... no certificate required ... and the CC number used in X9.59 authenticated transactions shouldn't be used in non-authenticated transactions. Since the transaction is now digitally signed transactions and the CC# can't be used in non-authenticated transactions .... you can listen in on X9.59 transactions and harvest all the CC# that you want to and it doesn't help with doing fraudulent transactions. In effect, X9.59 changes the business rules so that CC# no longer need to be treated as shared secrets.

misc. past stuff about ssl domain name certificates

misc. past stuff about relying-party-only certificates

misc. past stuff about using certificateless digital signatures in radius authentication

misc. past stuff about using certificateless digital signatures in kerberos authentication

misc. fraud & exploits (including some number of cc related press announcements)

some discussion of early SSL deployment for what is now referred to as electronic commerce

Anne & Lynn Wheeler
Internet trivia 20th anv

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to