[669] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

iKP requirement for privacy

daemon@ATHENA.MIT.EDU (Ned Smith (nedbob))
Thu May 4 21:22:23 1995

From: "Ned Smith (nedbob)" <nedbob@sequent.com>
To: "'www-security mailing list'" <www-security@ns2.rutgers.edu>
Date: Thu, 04 May 95 15:07:00 PDT
Errors-To: owner-www-security@ns2.rutgers.edu

In the iKP paper section C5 paragraph a, it states:

"Privacy, The privacy of order information and amount of payment should be 
implemented independently of the the payment protocol, e.g. SHTTP or SSL"

Why?

The merchant already knows this information as a result of the customers 
interaction with the cyber-store. What is the security principle that 
motivates the above requirement?

Regards,
Ned Smith
nedbob@sequent.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[669] in WWW Security List Archive

iKP requirement for privacy

daemon@ATHENA.MIT.EDU (Ned Smith (nedbob))Thu May 4 21:22:23 1995

daemon@ATHENA.MIT.EDU (Ned Smith (nedbob))
Thu May 4 21:22:23 1995