[8984] in cryptography@c2.net mail archive
Re: non-repudiation, was Re: crypto flaw in secure mail standards
daemon@ATHENA.MIT.EDU (Lynn.Wheeler@firstdata.com)
Mon Jul 9 17:44:22 2001
To: EKR <ekr@rtfm.com>
Cc: Greg Broiles <gbroiles@well.com>, jamesd@echeque.com,
James M Galvin <galvin@acm.org>, cryptography@wasabisystems.com,
ansi-epay@lists.commerce.net
From: Lynn.Wheeler@firstdata.com
Date: Mon, 9 Jul 2001 10:02:49 -0700
Message-ID: <OF7DADA42C.294C9038-ON88256A84.005D5235@fdcsg.1dc.com>
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
for a fuller discussion of SSL & SET discussion ... set x9a10 mailing list
archives
http://lists.commerce.net/archives/ansi-epay/199905/maillist.html
the above has the postings in reverse cronological order.
but, basically the bottom line is that there are a number of merchant
credit card business process that require the merchant to have the PAN (or
merchant credit card stuff doesn't work).
specific posting (from somebody at visa):
http://lists.commerce.net/archives/ansi-epay/199905/msg00009.html
Eric Rescorla <ekr@speedy.rtfm.com>@rtfm.com on 07/07/2001 11:54:44 AM
Please respond to EKR <ekr@rtfm.com>
Sent by: ekr@rtfm.com
To: Lynn Wheeler/CA/FDMS/FDC@FDC
cc: Greg Broiles <gbroiles@well.com>, jamesd@echeque.com, James M Galvin
<galvin@acm.org>, cryptography@wasabisystems.com,
ansi-epay@lists.commerce.net
Subject: Re: non-repudiation, was Re: crypto flaw in secure mail standards
Lynn.Wheeler@firstdata.com writes:
> one of the biggest problems that has led to most of the regulations is
the
> ease that account-number harvesting can occur and then the account number
> used in fraudulent, non-authenticated transactions. The SET-like
protocols
> didn't address this issue.
How so? In at least one mode, SET denied the merchant the PAN.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
