>
> We have taken the approach described by Michael on our network.
>
> The SSL server that accepts the information must obviously by connected to
> the Internet. However, the information is immediately transferred to another
> machine that, although it is connected to the SSL server, does not have any
> direct connection to the Internet.
That is to access "another" one require at least to break-in first one
running SSL server and this unlikely to not be noticed while trying to
break-in "another". Sure it's better than just one SSL server.
> Storing the information on the SSL server is a Very Bad Idea (tm), as it
... storing in clear...
> makes it available to anyone who can hack into SSL server. Putting it at
> arms length, whilst not necessarily more secure in an absolute sense,
> extends the time it will take for someone to crack the connection, which
> increases the likelihood that you will catch them before they succeed.
One can generate another one keypair, (RSA) to encrypt card numbers
with this public key instead. Sure one should remove this private key
from SSL server and use it only when charging credit cards.
Something like reading database from SSL server by an application running
on a right workstation, de-crypting credit card numbers for charging.
This way you will not leak stored numbers even while break-in a server
that can be placed to provider's premises. One still required to keep
watching the server but this way one can lower the damage of break-in.
Well, this setup is not yet running by me
Vadim
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
