cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1997-11-12 - Re: SET

Header Data

From: John Deters <jad@dsddhc.com>
To: Jeremey Barrett <rah@shipwright.com>
Message Hash: 0e68050353373df1b08e1de8e3b943ebae6d2cddd16d8ff888777932bbcee83a
Message ID: <3.0.5.32.19971112165216.00990790@labg30>
Reply To: N/A
UTC Datetime: 1997-11-12 23:04:09 UTC
Raw Date: Thu, 13 Nov 1997 07:04:09 +0800

Raw message

From: John Deters <jad@dsddhc.com>
Date: Thu, 13 Nov 1997 07:04:09 +0800
To: Jeremey Barrett <rah@shipwright.com>
Subject: Re: SET
Message-ID: <3.0.5.32.19971112165216.00990790@labg30>
MIME-Version: 1.0
Content-Type: text/plain



At 11:18 AM 11/12/97 -0800, Jeremey Barrett you wrote:
>Robert Hettinga writes:
> > 
> > Unfortunately, I think that no MIS manager will get fired for using
SET, and
> > it'll take a serious demonstration of a security breach before people will
> > listen to anything else. At least until someone demonstrates a transaction
> > protocol which is, say 3 orders of magnitude cheaper...
>
>Perhaps... OTOH, SET is SO bad that it will be impossible to deploy,
>probably forcing everyone away from it anyway.

Having spent the last ten years at this retail outfit, I can assure you
that "impossible to deploy" != "won't be deployed".  If Mastercard tells us
that they will jack our rates by 0.5% for every transaction processed
without SET, then management will demand SET be rolled out.  Function be
damned, security be damned, as long as some bookkeeper somewhere is
satisfied that SET happens, then we avoid a huge rate increase.

If the security of SET is questioned in the trade rags, our management's
approach will be to assume that Mastercard will fix it in the future, but
roll it out now anyway.  OTOH, it's obvious (even to them) that SET
couldn't possibly be any *less* secure than current authorizing techniques.

*Sigh*.  Look for copyrighted swirly red/orange logos to appear on
retailer's doors' soon:  
    "SET(tm) Transaction Processing -- 
     It's safe to use your Mastercard here"

John, who will get dragged into implementing it.  Got any suggestions?
--
J. Deters "Don't think of Windows programs as spaghetti code.  Think
          of them as 'Long sticky pasta objects in OLE sauce'."
+--------------------------------------------------------------------+
| NET:   mailto:jad@dsddhc.com (work)   mailto:jad@pclink.com (home) |
| PSTN:  1 612 375 3116 (work)          1 612 894 8507 (home)        |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)                |
| For my public key, send mail with the exact subject line of:       |
| Subject: get pgp key                                               |
+--------------------------------------------------------------------+

Thread