At 05:56 PM 1/31/96 -0500, Nathaniel Borenstein wrote about Jeffs attack:
Your attack would be caught by us relatively quickly because our model is based not on a single fail-safe piece of security software, but on *process* security. The overall process is multifaceted, with many checks and balances.
Yes this is all fine and good - but your process does not allow for real time delivery of goods. For example: Somebody wants to buy say micrsoft office from me for electronic delivery (yes they have a lot of bandwidth :-). I can authorize a credit card, fun it by my fraud screen and start shipping in less than 30 seconds. At this point the transaction is done. In the FV model as I understand it I'd have to ship the software and wait for an approve/deny/fraud from the user. If it's anything but approved I'm SOL, I still have to pay Microsoft for the product but I didn't get paid. Solve that process flaw and I'll add FV support to software.net. John Pettitt, jpp@software.net VP Engineering, CyberSource Corporation, 415 473 3065 "Technology is a way of organizing the universe so that man doesn't have to experience it." - Max Frisch