Credit card information should not be kept on the server. Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
On Fri, 9 Jul 1999, Russell D. Weiss wrote:
> Hey,
>
> I'm new to cryptography and I haven't done much with it. I have Apache-SSL
> working with a Thawte certificate. But I have a question? What's the best
> way to store information securely on my server?
>
> I have some PERL Crypt modules that I've played with, but do these support
> public key encryption?
> The scenario is this: I have a client that wants to accept credit cards
> securely. I could just use file permissions to keep things secure (with a
> CGI Wrapper), but this doesn't seem like the right way to go. I want to use
> file permissions in conjunction with encryption.
>
> The ideal situation would be one where I could give the client a password to
> access the secured file on the server. The client would connect via SSL,
> type this password, and view the encrypted file. Is this feasible? How
> would I go about doing this?
>
> Sorry for my naivite, but as I said, I'm very new to encryption.
>
> Thanks,
> Russell
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
