Re: [cobalt-users] off subject- billing
- Subject: Re: [cobalt-users] off subject- billing
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Fri Feb 11 23:39:37 2000
At 04:00 PM 2/11/00 -0800, you wrote:
> That gets a little tricky because we'd have to have those card numbers on
> the server, and I am assuming that it would be on a shared server like a
> Raq2. So it'd have to be encrypted when not in use, etc.

Never keep credit card numbers on an Internet connected system any longer
than necessary to accept the card, encrypt the information, and send it on.

> Would you be comfortable having the CCs encrypted on the server using PGP,
> you keep the private key on your personal machine or offline somewhere.

Nope.

> Every month, when it goes to bill, you connect up over ssh (secure shell) or
> https (this would require a secure cert and ssl server) and supply the code
> to decrypt. It would then do all its billing and be done with it.

I'd only feel comfortable if the CC#s were kept on an offline system. Even
a system behind a firewall wouldn't really thrill me.

Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>