Angelo Zanetti wrote: > thanks for the info. With regard to the setup it will be something more > or less like this: DON'T DO IT!!! > I want to generate my own keypair. The private key I keep secure, > offline, > on the machine that does the admin (charging, refunds etc). The public > > key is used on the server to encrypt card details the minute they > arrive > on the server (even using SSL, the data will arrive unencrypted > because the web server decrypts it). > > Encrypted card details are written to file, and moved off the server > overnight by a cron job. > > On the admin machine, offline, the details get decrypted when needed > to perform transactions, using the private key. Who has access to the private key? Under what circumstances? How are you going to STOP a determined individual from compromising the access to the private key? Do you have $50,000 in escrow for *WHEN* (not if, *WHEN*) that key is compromised? Are you prepared to put another $100,000 in escrow *after* that time for the next time it *WILL* happen? Are you prepared to contact EVERY credit card customer and tell them their credit card security was compromised? > The admin box is on ADSL, but behind a firewall with no services or > ports > open to the internet. I.e it can initiate a connection to the server > on > the internet, but not the other way around. > > Does this setup sound secure enough and a solution that can work? NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO! Who has physical access to the admin box? How is it locked down? When will the audits be conducted? By whom? You're missing about a ZILLION things here... > What kind of encryption should I be using? If you have to ask, you shouldn't be doing this: "Hi, I'm about to perform brain surgery. Which scalpel should I use?" You are NOT ready to implement the system you have envisioned. Let the credit card companies take the risk. They've got the resources for it. That's why things are the way they are. I *almost* did the same kind of thing you are about to do. Thank [deity] I came to my senses first. I cannot stress this enough. DON'T DO IT! Sorry, dude. It's just *NOT* a Good Idea. Deal with it. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
