thank you. i'll look into it. How much do you pay for this service?
--- Trond Michelsen <[EMAIL PROTECTED]> wrote: > On Tue, Aug 10, 2004 at 04:00:58PM -0700, Bart > Simpson wrote: > >> APR::Base64 and APR::URI look pretty > >> useful too. > > What are some practical uses of APR::Base64? > Encoding > > credit card nums before storing in DB? Passwords? > > > Well, Basic Authentication uses Base64 to encode the > username/password > string, so this is probably why it's part of the > Apache api. > > > describes it as encoder/decoder of strings but > leave > > actual uses to the imagination of the programmer. > I'm > > particular in need of encrypting/encoding credit > card > > nums before storing them and am curios what this > > module is and is not appropriate for. > > First of all, base64 encoding is useless for > encrypting data. It is > easy to recognise, and it's easy to decode. It's > probably safer to > store the cc-numbers in plain text, but backwards. > > Then again, encryption won't do you much good > either, if it's > automatically decrypted by a program. If an intruder > manages to get > access to your data, he'll probably gain access to > your program as > well, which in turn will give him full access to all > your encrypted > data. > > The best thing is if you can avoid storing the > CC-numbers at > all. Where I work, we only store an encrypted key. > When the customer > first enters the CC-details, we encrypt the data > using our merchant > certificate, and send it to our acquirer, and we get > back a key. We > never store the CC number anywhere. The key itself > can not be used to > get back the CC number. But we use this key when we > want to charge the > customer. The key is also locked to our account, so > they will be > completely useless to an intruder. > > -- > Trond Michelsen > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
