Re: announcing: www-buyinfo mailing list

Dave Kristol (dmk@allegra.att.com)
Thu, 11 Aug 94 10:45:52 EDT


Mark Meaders writes (with regard to www-buyinfo mailing list):
> I hope you plan to encrypt the credit card numbers, or in some way protect
> users from fraud.

Of course. Credit card numbers are only the tip of the iceberg.
You're assuming credit cards are the only way I had in mind to pay for
information. In fact, it's one of about a half-dozen different
possible payment schemes. All would require an element of encryption.
For example, in a billing-style server, the server ought to authenticate
you before it hands out information, so it can be sure it's really you
who asked for the information (and will get charged).

Encryption may play two other roles:
- prevent an eavesdropper from getting for free the information
you paid for
- enhance privacy (see http://www.research.att.com/#acc)

David M. Kristol
AT&T Bell Laboratories