Michael wrote:
>
> Credit card information should not be kept on the server. Send it on a
> one-way only trip to a second machine which is no accessible via the
> internet.
How do you do that, then? (FWIW, I agree with the "one way trip" bit,
but it seems to me that "not accessible via the Internet" is a
contradiction - "accessible in only a very restricted way" would make
more sense).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
