[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Schneier on SET




from Internet World, 2 Mar 98, "Reply to All" (reader feedback)


Credit card transactions over the Net are new, but
not overly different.

We know how to do credit card transactions where there
is no physical card: over the pohne.  And we know how to
establish a secure merchant-customer session: via SSL.
SET is a complicated, server-intensive protocol, and I have trouble
believing
 its possible to implement a two-inch-thick standard without security bugs.
 I'm not surprised merchants are so slow in acepting it.  Why bother?

[signed by Bruce Schneier]