Credit card information should not be kept on the server. Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
On Fri, 9 Jul 1999, Russell D. Weiss wrote:
Hey,
I'm new to cryptography and I haven't done much with it. I have Apache-SSL
working with
Michael wrote:
Credit card information should not be kept on the server. Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
How do you do that, then? (FWIW, I agree with the "one way trip" bit,
but it seems to me that "not accessible via the
Credit card information should not be kept on the server. Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
But what if I don't have the luxury of doing this? Any other options?
Thanks,
Russell
Michael wrote:
Credit card information should not be kept on the server.
Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
How do you do that, then? (FWIW, I agree with the "one way trip" bit,
but it seems to me that "not accessible via the
Here is a test data that does not work with rsa_oaep_test.c
Can someone tell me what could be wrong?
You've got an invalid value for iqmp. You can set it like this:
BN_mod_inverse(key-iqmp, key-q, key-p, ctx);
int RSA_check(RSA *key)
{
BIGNUM *i, *j, *k;
BN_CTX *ctx;
int
Juan Carlos Castro y Castro [EMAIL PROTECTED]:
Now I researched and learned (correct me if I'm wrong please) that I
can't ignore the server certificate if I'm using RSA as the key
exchanger. I'll have to use DH if I want a "thin" SSL client.
Another thing: I used "openssl s_client -connect
"Patrick Harlin" [EMAIL PROTECTED]:
I have tested on all the platforms several times, and I could still
see that one of the machines have problem with slow generation of
private keys. It seems like Test2 machine always is 3 minutes slower
then all other HP installations ??? One other odd
Doug Erickson wrote:
Howdy --
I am doing the following to generate a DSA cert:
dsaparam -out client-param.pem 512
req -newkey dsa:client-param.pem -nodes \
-keyout client-key.pem -out client-csr.pem
x509 -req -CAcreateserial -CA ca-cert.pem -CAkey ca-key.pem \
-in
Storing the information on the SSL server is a Very Bad Idea (tm), as it
makes it available to anyone who can hack into SSL server. Putting it at
arms length, whilst not necessarily more secure in an absolute sense,
extends the time it will take for someone to crack the connection, which
PMFJI --
I'm curious as to what folks have used to separate the SSL server from the
"isolated back end". SCSI, RS232, other techniques? Are there commerical
solutions available?
TIA
Harry
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Craig
10 matches
Mail list logo