understanding what gnugp can do

Jack McKinney jackmc-gnupg-users@lorentz.com
Mon, 23 Oct 2000 17:48:45 -0500

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Big Brother tells me that Armin Hartinger wrote:

> Jack,
> Seems that echo here on this NT box at work doesn't seem to have an optio=
n to omit
> the newline. So I tried something else... I put the passphrase into a tex=
tfile and
> just piped the output of this textfile into the command you described:
Ah... didn't realize that it was an NT box. In any event, reading from a file is a better way to do it in the long run...
> C:\gpg>type pass.txt | gpg --passphrase-fd 0 -d test.gpg
> And it worked alright! (use cat on a *nix machine of course).
> Thanks for your great help! Another problem solved. And I'm confident tha=
t I get a
> decent solution now to work that my wife can process the decrypted orders.
> Let's just hope that the customers appreciate the security.
As long as you don't let them know that the key is stored unencrypted on the hard drive...
> How many % of stores you guys think send around plaintext emails of their=
> names CC#?
Pretty low. What I did was to public encrypt the card and store it into a TEXT field in the db. Then, the customer we did the web site for just goes to an https page and enters the pass phrase before the https page disp= lays the card info. Thus, the data is stored on the disk encrypted, and it is transmitted to the admins encrypted (SSL). I couldn't do it without PGP or GPG... there is no way to stored the data on the disk without also storing the key unless one uses public encryption. I imagine that most administrators transmit the credit cards fairly securely, but that fewer consider encrypting the data for storage... -- "Restore your inalienable human rights. Jack McKinney Vote Libertarian. http://www.lp.org http://www.lorentz.com http://www.harrybrowne2000.org jackmc@lorentz.com 1024D/D68F2C07 4096g/38AEF076 --7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjn0wEwACgkQimeon9aPLAfI7QCfe3ZaR+Hv8pnMXZ9gpOsa9TI8 Z54AoL10Dta+M87Sq5lYrl18Sh4mjyWv =VVQ6 -----END PGP SIGNATURE----- --7JfCtLOvnd9MIVvH-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org