Could you not PGP encrypt the data in the cgi program then deliver as
normal? That should protect the contents over full length of the link
that way.
I wish all people who use https thought what happens after the encrypted
data hits the web server ;-)
Regards,
aid
--
Adrian J Bool | http://www.noc.u-net.net/
Network Manager | tel://44.1925.484061/
U-NET Ltd | fax://44.1925.484055/
On Mon, 4 Oct 1999 tcurdt@??? wrote:
> We are going to setup a shopsystem which
> delivers sensitive information (creditcard)
> via cgi to exim. Exim then does a local
> delivery to a user's mailbox.
>
> Since we use a https connection the cgi
> should be no problem. But what is with the
> local delivery of exim?
>
> Can I tell my boss the MTA will be no
> security risk?
>
> For receiving the mail I thought of
> setting up a pop3 server using the
> openSSL tools.
>
> Any comments are welcome
> --
> Torsten
>
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
