17 Dec
2003
17 Dec
'03
11:17 p.m.
from Internet World, 2 Mar 98, "Reply to All" (reader feedback) Credit card transactions over the Net are new, but not overly different. We know how to do credit card transactions where there is no physical card: over the pohne. And we know how to establish a secure merchant-customer session: via SSL. SET is a complicated, server-intensive protocol, and I have trouble believing its possible to implement a two-inch-thick standard without security bugs. I'm not surprised merchants are so slow in acepting it. Why bother? [signed by Bruce Schneier]