Yeah, I was wondering how you were planning to handle that. A node could end up holding an IOU to the last link and then suddenly the transaction is canceled and he has an IOU from someone he doesn't trust.
The mechanism is that each node first promises the one ahead that it will pass an IOU in exchange for a commit token signed by a certain key, determined by the last node (the payment recipient). Once all the promises are made, the recipient generates a commit token and passes it back to the previous node in exchange for an IOU, and so on back to the first node (the payer).
This is enough if all the nodes remain online and they are all well-behaved, but in case not, I've proposed a system of commit registries as an extension that should be fairly robust against node failure and cheating:
https://groups.google.com/forum/#!msg/rippleusers/Ruy_QIb0AAY/fUF5bGNJWXkJ
Ryan