> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:cobalt-developers- > [EMAIL PROTECTED]] On Behalf Of FS > Sent: Wednesday, November 21, 2001 6:01 AM > To: [EMAIL PROTECTED] > Subject: [cobalt-developers] SSL on RAQ 4 basic help > > Hi, > > Can anyone help.? > > I'm trying to set-up a secure connection for a client who wants users to > enter credit card details on a web page and then have these emailed to > them. > No real On-line payment is happening so my thoughts on how to do this > would > be to set up a secure connection via SSL and then send the email using > APOP. > Is this the best way to do this? If so, how do I actually use the SSL on a > web page? I know how to activate it on a site, but how do I actually > implement it for a particular web page (i.e.. the page that has the > details > entered on to it..)? > > I know this is probably quite basic stuff, but would really appreciate > some > help. > > Thanks > > F. >
It is considered very bad form (and misleading) to use a secure site to gather confidential information (such as a credit card number) and then use a less secure means (such as plain-text email) to forward the gathered information over the 'Net to another host. Don't even think about doing this unless the email (end to end, not just host to host) will use a level of encrpyption at least as good as that of your web server (probably 128-bit). Likewise, don't store the data unencrypted in any files on any system, including the secure server and the mail server. When browsing clients see the padlock icon, they have certain expectations of information privacy. You may be opening a king-size can of worms if you violate those expectations for the sake of expediency. Jack _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
