understanding what gnugp can do
Mon, 23 Oct 2000 17:48:45 -0500
Content-Type: text/plain; charset=us-ascii
Big Brother tells me that Armin Hartinger wrote:
> Seems that echo here on this NT box at work doesn't seem to have an optio=
n to omit
> the newline. So I tried something else... I put the passphrase into a tex=
> just piped the output of this textfile into the command you described:
Ah... didn't realize that it was an NT box. In any event, reading
from a file is a better way to do it in the long run...
> C:\gpg>type pass.txt | gpg --passphrase-fd 0 -d test.gpg
> And it worked alright! (use cat on a *nix machine of course).
> Thanks for your great help! Another problem solved. And I'm confident tha=
t I get a
> decent solution now to work that my wife can process the decrypted orders.
> Let's just hope that the customers appreciate the security.
As long as you don't let them know that the key is stored unencrypted
on the hard drive...
> How many % of stores you guys think send around plaintext emails of their=
> names CC#?
Pretty low. What I did was to public encrypt the card and store it into
a TEXT field in the db. Then, the customer we did the web site for just
goes to an https page and enters the pass phrase before the https page disp=
the card info. Thus, the data is stored on the disk encrypted, and it is
transmitted to the admins encrypted (SSL).
I couldn't do it without PGP or GPG... there is no way to stored the
data on the disk without also storing the key unless one uses public
encryption. I imagine that most administrators transmit the credit cards
fairly securely, but that fewer consider encrypting the data for storage...
"Restore your inalienable human rights. Jack McKinney
Vote Libertarian. http://www.lp.org http://www.lorentz.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to email@example.com