On Mon, Feb 07, 2005 at 08:52:40PM -0500, Bob Rogers wrote:
That depends on the number of possible tracking numbers vs. the number
of possible username.pw strings. Since you can make the tracking
number as long as you like, you can always make this solution
arbitrarily less spoofable than
From: David Cantrell [EMAIL PROTECTED]
Date: Tue, 8 Feb 2005 08:23:05 +
On Mon, Feb 07, 2005 at 08:52:40PM -0500, Bob Rogers wrote:
That depends on the number of possible tracking numbers vs. the number
of possible username.pw strings. Since you can make the tracking
On Mon, Feb 07, 2005 at 05:03:51PM -0500, Greg London wrote:
Would it be a secure transaction?
What do you mean by this? What is the transaction? The user paying
the company, or the company shipping to the user, or something else?
hm, well, defining secure in absolute terms is
On 7 Feb 2005, at 11:52 AM, Simon Wilcox wrote:
On Mon, 7 Feb 2005, Greg London wrote:
Can an online store sell stuff over the web without
requiring a password and user account for customers?
The business question is why would they want to ?
Most people who buy online are familiar with the concept
Thanks everyone for all the help on this.
I got all the info I need to make my case.
Whether anything changes is up to them.
Pizza on me tonight.
No, wait, let me rephrase that. I'll be buying pizza tonight.
:)
___
Boston-pm mailing list
GL == Greg London [EMAIL PROTECTED] writes:
GL Thanks everyone for all the help on this.
GL I got all the info I need to make my case.
GL Whether anything changes is up to them.
GL Pizza on me tonight.
GL No, wait, let me rephrase that. I'll be buying pizza tonight.
GL :)
gosh
boston-pm@mail.pm.org
cc
Subject
RE: [Boston.pm] [OT] selling a widget online. Password required?
Thanks everyone for all the help on this.
I got all the info I need to make my case.
Whether anything changes is up to them.
Pizza on me tonight.
No, wait, let me rephrase that. I'll be buying
hi
( 05.02.07 10:48 -0500 ) Greg London:
For a one-time buyer, going to a website to purchase
something, it seems like needless overhead to ask them
to create an account, make up a password (and figure out
a way to remember it), when they're only going to ever
make one purchase.
yes, but
GL == Greg London [EMAIL PROTECTED] writes:
GL Can an online store sell stuff over the web without
GL requiring a password and user account for customers?
GL the details
GL Said widget is physical, so delivery may take some time,
GL therefore customers may want to check on
On Mon, 7 Feb 2005, Greg London wrote:
Dan Boger said:
- Register, and be able to track your package,
Could you track an order with just a tracking number?
Maybe an email address and a tracking number?
I would think the tracking number could act as a
one-time password, sort of. But
On Feb 7, 2005, at 11:33 AM, Greg London wrote:
Could you track an order with just a tracking number?
Maybe an email address and a tracking number?
I would think the tracking number could act as a
one-time password, sort of. But maybe I'm missing something.
I could see a potential security issue
Ecommerce sites are already in existence to sell your software on commision
(generally quite nominal) and they take care of all these questions for you.
Perhaps they would also do books, especially if they are related, if asked.
Esellerate and emetrix are a couple that come to mind.
Jim
On Mon, 7 Feb 2005, Greg London wrote:
Simon Wilcox said:
I don't know any big name web sites that only expect to have one and only
one transaction with a customer. Repeat business is what they want and in
those cases they need to make the process as easy as possible so accounts
are
Simon Wilcox said:
Surely the argument has to go along the lines that :
The argument hasn't even gotten that far.
I suggested book buyers be able to buy a book
without setting up an account/password.
Several people have chimed in that it is impossible.
The company has so far remained silent.
I
So, if a buyer goes to a website, puts in his email address
and fills out his order information (product, CC#, shipping address)
could the site give him a tracking number / one-time password
so he could check the status of his order and report a problem?
Would it be possible to do this in a
GL == Greg London [EMAIL PROTECTED] writes:
GL Simon Wilcox said:
Surely the argument has to go along the lines that :
GL The argument hasn't even gotten that far.
GL I suggested book buyers be able to buy a book
GL without setting up an account/password.
GL Several people have
I'll buy pizza for a perlmonger meeting if I can get a
definite yes/no answer on these questions.
Greg London said:
So, if a buyer goes to a website, puts in his email address
and fills out his order information (product, CC#, shipping address)
could the site give him a tracking number /
Greg London wrote:
There is also a lot of resistance to buyign books online
in general.
I very strongly suspect that this is bollocks. [I snipped the rest of
that paragraph deliberately because it is irrelevant.]
But getting rid of creating an account to buy one book
means that book-buyers are
On Mon, Feb 07, 2005 at 04:04:16PM -0500, Greg London wrote:
I'll buy pizza for a perlmonger meeting if I can get a
definite yes/no answer on these questions.
Don't you always buy the pizza anyway? :)
The problem is the word 'secure' - it means different things to
different people. My take:
hi
( 05.02.07 16:04 -0500 ) Greg London:
I'll buy pizza for a perlmonger meeting if I can get a
definite yes/no answer on these questions.
could the site give him a tracking number / one-time password
so he could check the status of his order and report a problem?
yes
Would it be
Dan Boger wrote:
On Mon, Feb 07, 2005 at 04:04:16PM -0500, Greg London wrote:
I'll buy pizza for a perlmonger meeting if I can get a
definite yes/no answer on these questions.
Don't you always buy the pizza anyway? :)
Actually, that would describe Ron.
I've done it a few times,
I'm
John Saylor wrote:
Would it be any less secure than having the user
set up an account and their own password?
yes, more prone to spoofing since it's only one piece of info [trakcing
number] instead of 2 [username/pw].
Is this if the tracking number / one-time password is
tied to the
On Mon, 7 Feb 2005, Greg London wrote:
I'll buy pizza for a perlmonger meeting if I can get a
definite yes/no answer on these questions.
Greg London said:
So, if a buyer goes to a website, puts in his email address
and fills out his order information (product, CC#, shipping address)
Greg London:
Would it be any less secure than having the user
set up an account and their own password?
John Saylor wrote:
yes, more prone to spoofing since it's only one piece of info [trakcing
number] instead of 2 [username/pw].
( 05.02.07 17:08 -0500 ) Greg London:
Is this if
24 matches
Mail list logo