Reasonable security

Russ Schnapp rlssdpm at
Mon Apr 3 17:31:38 CDT 2000

On 3 Apr 00, at 10:22, Joel Fentin wrote:

> >Well, if you aren't using a secure http server to retrieve the
> credit 
> >card number.......
> And if I am?

Well, then, it makes sense to encrypt your data...

> =========================
> >Otherwise, you might consider using PGP to encrypt the number 
> >with the owner's public key.
> I am not sure I understand what you are saying. Perhaps one of
> the following:
> 1. The site sends an encrypted email attachment to the owner of
> the site (who knows nothing about computers). She has a windows
> decryption program which can open the attachment without her
> having to learn a lot of things.
> 2. The encrypted credit card number is in the body of the email.
> PGP is a standard encryption of email, and her Netscape/IE/eudora
> email program will handle the details.
> 3. The encrypted credit card number is appended onto the end of a
> file sitting on the server, and a Windoz/DOS based perl program
> must be written to read the file.

Yes, any of the above should work.  Instead of trying to spawn pgp 
(which was my first thought), you might want to look at CPAN 
resources for encryption.  See, for instance,


The posting address is: san-diego-pm-list at

List requests should be sent to: majordomo at

If you ever want to remove yourself from this mailing list,
you can send mail to <majordomo at> with the following
command in the body of your email message:

    unsubscribe san-diego-pm-list

If you ever need to get in contact with the owner of the list,
(if you have trouble unsubscribing, or have questions about the
list itself) send email to <owner-san-diego-pm-list at> .
This is the general rule for most mailing lists when you need
to contact a human.

More information about the San-Diego-pm mailing list