On Mon, Jun 14, 1999 at 01:19:29PM -0400, D. Clyde Williamson wrote:
> Implement PGP so that files are PGP-Encrypted before it's ftp'd.
If you use ftp, eventually (sometimes very quickly) you get to
scripted ftp, then eventually (pretty quickly, too) to hardcoded
passwords.
Given that your data files have been pgp'ed (having gone through
the proper ritual of oob key exchange and all that), I'd suggest
anonymous get-only ftp or smtp.
Of course, if your pgp passphrase is hardcoded in a script somewhere,
or if you have none, or your computer which does the pgp'ing runs a
browser with Java/JavaScript/ActiveX on and surfs anywhere and everywhere...
--
Ng Pheng Siong <[EMAIL PROTECTED]>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
