A couple of newbie ?s
Fri Mar 2 21:20:10 2001
I'd like to use pgp to encrypt a form on a web site for a shopping cart.
This means I need a commercial license for the pgp on the server. I phoned
network solutions and the cost was astronomical for the kind of web site
that needs it. I then came to pgpi.com and discovered that it is possible
to use gpg.
Here are few questions which I couldn't find in the documentation.
a. Is it possible to use a public key created by pgp version 6.x
(commercial or free version) using Diffie Hellman or RSA. eg. Add this key
to the gpg keyring. Use it to encrypt an e-mail generated for a web-form
then have the owner of the public key use their pgp software (commercial or
free) decrypt the e-mail received.
(I experimented with the Diffie Hellman using pgp on one machine (Windows
98) and then using gpg on another (Windows NT) and it worked but I thought
it uses now RSA or ELG - (taken from the gpg --help).
b. Is it possible to take a pgp (commercial or free version) public key
ring and rename it as a gpg public keyring. Then use it simply to lookup
the public keys for encrypting again data from a web site form sent as an
e-mail to the owner of the public key.
I ask these questions because I'd like to have the gpg unix version
installed for the web site but I'd like the customers to be able to use pgp
6.x (commercial or free) or gpg to create their public/private keys and
decrypt their e-mails encrypted with gpg.
BTW I find this encryption stuff fascinating.
Thanks in advance