[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: one possible motivation for X.509 -Reply -Reply

>BTW, I had no input into the SET cardholder authorization certificate design
-- but I take pleasure from the fact that they're addressing the same
problem I was, the same way (except for use of X.509 and ASN.1).

Ironically, I did have a fair amount of input to the SET authorization design,
or more exactly with the MasterCard SEPP spec that preceded (and in fact forced)
the rapproachment between MasterCard and Visa. In fact I was largely responsible for
convincing MasterCard to go with a standard X.509 approach rather than the 
cockamamie creation that Visa had designed. I'll also acknowledge the contribution
by Warwick Ford, but it was primarily IBM's and GTE's ball at that point.

Time will tell, but I think that the fact that we were able to write up a complete definition
for the certificate is a very short time, including the non-identity based features, would 
indicate that X.509 and ASN.1 really ain't all that bad.

Regards, Bob