Jon Cooper, talking about S-HTTP, writes:
I don't much see the point in encrypting _EVERYTHING_, and if you're only talking about encrypting a credit card number or an occasional paid-for document, it shouldn't be much of a burden at all with a good implementation.
There are a number of times when you might want to do this, such as delivering an information product as well as paying for it (e.g. a new software release, shipped encrypted to avoid eavesdroppers pirating it for free), or information you want conveniently accessible on the web but only to approved people (e.g. your political campaign's strategy material or your corporate information made available to your sales group who are often out at customer sites instead of behind your firewall), or your corporate complaints web-form (enter your problem in the box below; please type legibly), or of course your politically-incorrect- substance ordering system, which should provide anonymity as well as payment and ordering, (which may be beyond the complexity of S-HTTP.) Bill