Re: Credit Card Number Encryption
Re: Credit Card Number Encryption
- Subject: Re: Credit Card Number Encryption
- From: Deirdre Saoirse Moen <email@hidden>
- Date: Fri, 23 Apr 2004 13:12:24 -0700 (PDT)
On Fri, 23 Apr 2004, Gerald Hanks wrote:
> Could someone please tell me what the standard would be for encrypting
> sensitive data such as credit card numbers in WebObjects? Are there
> libraries/routines that are used both within the United States as well
> as outside the US or is there a standard that is used for both?
SSL is the defacto standard. The country rules are *quite* complex,
though. However, I think you'll find that that's your best option. For
more info: http://www.openssl.org/support/faq.html
One of the reasons for SSL's popularity is the end-to-end encryption
model -- nothing is sent in the clear. It's the only method that has
client-side buy-in from pretty much every browser (even lynx).
There's various pages that discuss how to add SSL to your web app.
--
_Deirdre http://deirdre.net
"Ideally pacing should look like the stock market for the year 1999, up
and up and up, but with lots of little dips downwards...."
-- Wen Spencer on plotting a novel
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.