Maybe It's Snake Oil All the Way Down

Bill Frantz frantz at pwpconsult.com
Tue Jun 3 15:15:16 PDT 2003


At 2:21 PM -0700 6/3/03, Jeroen C. van Gelderen wrote:
>Perhaps that measure is too coarse grained. For instance, in the domain
>of "security advisories" most emails are digitally signed with OpenPGP.
>And in the domain of online credit card payments HTTPS has displaced
>HTTP.

I know of one system that takes credit cards over HTTPS, and then sends the
credit card number, encrypted with GPG to a backend system for processing.
It isn't perfect, but it's better than storing the credit card number on a
database accessible to the web server.  (I would feel a lot better if
Amazon didn't remember my credit card number.)

Cheers - Bill


-------------------------------------------------------------------------
Bill Frantz           | Due process for all    | Periwinkle -- Consulting
(408)356-8506         | used to be the         | 16345 Englewood Ave.
frantz at pwpconsult.com | American way.          | Los Gatos, CA 95032, USA



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com





More information about the cypherpunks-legacy mailing list