S
Saiyan Vejita
I've been working with ASP for 6+ years now, but in that time I've
never had any solid advice on how to build a secure system. So I
thought I'd ask here first.
Anyway, here's the situation: I have a client who wants to take credit
card information via ASP form (https) and then send the resulting
content (which may be either HTML- or text-formatted) to their email
account, which they access using Outlook (2000, I believe). I want to
build the system to make it as secure as is reasonably possible; at
the same time, they want to make it easy to read / retrieve their
signed/encrypted messages.
I know their are a lot of components out on the market that permit
programmatic encryption of data, but I don't know enough about what I
need to make an informed buying decision. I've heard that encrypting
the email content and then signing the entire message is the proper
thing to do, but how do I actually do that via code? And I definitely
don't understand how the message is handled once it reaches Outlook
(via POP, IMAP or Exchange -- they haven't decided on which yet).
My brain is full of things such as AES, MD5 + SHA-1, SSL, S/MIME and
such -- how do I put all these things together into an effective
solution? Any light ya'll can shed on this would be greatly
appreciated. Thanks in advance............
-=Tek Boy=-
never had any solid advice on how to build a secure system. So I
thought I'd ask here first.
Anyway, here's the situation: I have a client who wants to take credit
card information via ASP form (https) and then send the resulting
content (which may be either HTML- or text-formatted) to their email
account, which they access using Outlook (2000, I believe). I want to
build the system to make it as secure as is reasonably possible; at
the same time, they want to make it easy to read / retrieve their
signed/encrypted messages.
I know their are a lot of components out on the market that permit
programmatic encryption of data, but I don't know enough about what I
need to make an informed buying decision. I've heard that encrypting
the email content and then signing the entire message is the proper
thing to do, but how do I actually do that via code? And I definitely
don't understand how the message is handled once it reaches Outlook
(via POP, IMAP or Exchange -- they haven't decided on which yet).
My brain is full of things such as AES, MD5 + SHA-1, SSL, S/MIME and
such -- how do I put all these things together into an effective
solution? Any light ya'll can shed on this would be greatly
appreciated. Thanks in advance............
-=Tek Boy=-