At 11:08 AM 11/1/2001, vertigo wrote: > It appears that a lot >of work has to be done and a lot of money spent before even a small amount of >trust in an individual's proof of identity (on a world- or Internet-wide >scale) can be established.
Hmmm. I'm able to walk into a bank in semi-rural Italy and pull hundreds of dollars out of my credit card account. I'm able to buy subscriptions to Russian news sites. This seems pretty world-wide and Internet-wide to me. Existing systems work pretty well even if they don't achieve some cosmic notion of "Trust" or "Identity." Of course, the process isn't 100% foolproof, and I'd be less likely to take advantage of it if fraud recovery fell more heavily on me as a consumer. Even so, there are generally enough valid transactions to cover the costs of the invalid ones to Web site proprietors and remote bank branches. Even if computer based mechanisms have shortcomings, the overall system is pretty robust. If Microsoft's system is too brittle, then they'll pay for it through fraud expenses. If people find it unreliable or untrustworthy, they'll use other mechanisms for buying things. While I would feel compassion for consumers who are hurt or inconvenienced by some huge scam that exploited a poor Microsoft security implementation, such a scenario would be entertaining to watch. Regardless of .Net's expected convenience, most people will probably still patronize non-.Net vendors when they offer better prices, regardless of the inconvenience. It's not that hard to re-enter billing information, especially when compared to driving across town to the discount store instead of using the higher-cost mini-mart down the street. Rick. [EMAIL PROTECTED] roseville, minnesota "Authentication" in bookstores http://www.visi.com/crypto/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
