[32137] in North American Network Operators' Group
Re: Defeating DoS Attacks Through Accountability
daemon@ATHENA.MIT.EDU (Joe Abley)
Sun Nov 12 12:04:12 2000
Date: Sun, 12 Nov 2000 12:03:06 -0500
From: Joe Abley <jabley@automagic.org>
To: Sean Donelan <sean@donelan.com>
Cc: mrp@connect.com.au, nanog@merit.edu
Message-ID: <20001112120304.A15892@buddha.automagic.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20001112064113.26716.cpmta@c004.sfo.cp.net>; from sean@donelan.com on Sat, Nov 11, 2000 at 10:41:13PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Nov 11, 2000 at 10:41:13PM -0800, Sean Donelan wrote:
> How would you propose to handle the case where a person has a credit
> card number, and then you receive a request from a third party with
> no evidence of any authorization from the registered card owner to
> charge stuff on that card number?
The card gets charged regardless; if that turns out to be an unauthorised
transaction it gets challenged later (assuming it is noticed at all).
That's what happens today, as far as I can see. Uncanny resemblance :)
