Maybe It's Snake Oil All the Way Down
Bill Frantz
frantz at pwpconsult.com
Tue Jun 3 15:15:16 PDT 2003
At 2:21 PM -0700 6/3/03, Jeroen C. van Gelderen wrote:
>Perhaps that measure is too coarse grained. For instance, in the domain
>of "security advisories" most emails are digitally signed with OpenPGP.
>And in the domain of online credit card payments HTTPS has displaced
>HTTP.
I know of one system that takes credit cards over HTTPS, and then sends the
credit card number, encrypted with GPG to a backend system for processing.
It isn't perfect, but it's better than storing the credit card number on a
database accessible to the web server. (I would feel a lot better if
Amazon didn't remember my credit card number.)
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
frantz at pwpconsult.com | American way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cypherpunks-legacy
mailing list