[13432] in cryptography@c2.net mail archive
Re: Maybe It's Snake Oil All the Way Down
daemon@ATHENA.MIT.EDU (Bill Frantz)
Tue Jun 3 21:44:23 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <63421CA0-9609-11D7-A99C-000393754B1C@vangelderen.org>
Date: Tue, 3 Jun 2003 15:15:16 -0700
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
From: Bill Frantz <frantz@pwpconsult.com>
Cc: "'cypherpunks'" <cypherpunks@lne.com>,
<cryptography@metzdowd.com>
At 2:21 PM -0700 6/3/03, Jeroen C. van Gelderen wrote:
>Perhaps that measure is too coarse grained. For instance, in the domain
>of "security advisories" most emails are digitally signed with OpenPGP.
>And in the domain of online credit card payments HTTPS has displaced
>HTTP.
I know of one system that takes credit cards over HTTPS, and then sends the
credit card number, encrypted with GPG to a backend system for processing.
It isn't perfect, but it's better than storing the credit card number on a
database accessible to the web server. (I would feel a lot better if
Amazon didn't remember my credit card number.)
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
frantz@pwpconsult.com | American way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
