On Wed, 2005-07-13 at 23:43 -0400, Rich Salz wrote:
> > I think that by eliminating the need for a merchant to learn
> > information about your identity ...
> Wasn't that a goal of SET?

As I recall, the goal of SET was to have a standard
that was not invented by CyberCash. (I may be biased, I
worked at CyberCash at the time).

Both SET and the CyberCash protocols did not allow the
merchant to have access to the purchasers's PAN/expry.
Everyone back then knew that since the PAN was considered
a secret, you couldn't be casual about passing it 
around. And merchant fraud was a much more realistic
problem that capturing data on the fly.

CyberCash was forced to change the system to allow
the merchant to have access to the PAN so that
merchants could back out transactions for returns
or defects. The change was made in the field by
a support engineer before the security folks in 
engineering had a chance to have a fit. I don't
remember why we accepted such a bad practice.

In all the discussion here, the thing that
strikes me is that we need to stop using secrets
as proof of anything. Seems that Chaum's
credentials without identities are a much better
approach, and I'd guess that his patents
are long expired.


Pat Farrell

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to