[17886] in cryptography@c2.net mail archive
Re: the limits of crypto and authentication
daemon@ATHENA.MIT.EDU (Aram Perez)
Thu Jul 14 11:29:49 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <873bqhfrnl.fsf@snark.piermont.com>
From: Aram Perez <aramperez@mac.com>
Date: Thu, 14 Jul 2005 07:59:16 -0700
To: cryptography@metzdowd.com
On Jul 14, 2005, at 6:23 AM, Perry E. Metzger wrote:
> Rich Salz <rsalz@datapower.com> writes:
>
>>> I think that by eliminating the need for a merchant to learn
>>> information about your identity I have aimed higher. Given that
>>> we're
>>> talking about credit instruments,
>>
>> Wasn't that a goal of SET?
>
> Some of it was, yah. I don't claim that any of this is original. The
> problem with SET was that the protocol was far too complicated to
> implement (hell, the spec was nearly too heavy to lift), and it was
> proposed well before people even had USB connectors on their
> computers, let alone cheap USB card interfaces. I think people threw
> out the baby with the bathwater, though. The general idea was correct.
While the SET protocol was complicated, it's failure had nothing to
do with that fact or the lack of USB on PCs. You could buy libraries
that implemented the protocol and the protocol did not require USB.
IMO, the failure had to do with time-to-market factors. In the late
90s, when ecommerce was just at it's infancy and you took the risk of
setting up a web store, were you going to wait you could integrate a
SET toolkit into you web site and until your customers had SET
wallets installed on their PCs before selling a product? Or were you
going to sell to anyone who used a web browser that supported SSL? It
was very simple economics, even if you had to pay VeriSign $400 for
your SSL certificate and pay Visa/MasterCard a higher fee.
Respectfully,
Aram Perez
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
