On Sep 21, 2010, at 11:15 AM, Erik L. Arneson wrote:

> On Tue, 21 Sep 2010, Floyd Resler wrote:
>> I got it all figured out. The part I was missing was combining the
>> certificate with the key and giving it to the end-user to install on
>> their system. I was able to use the Web server's certificate for the
>> encryption. The interesting thing is that the client wants ALL
>> passwords sent via encrypted email. Of course, they need the P12 file
>> installed in order to view the email and that requires a password to
>> install it.
>
> Wait, you didn't send the webserver's certificate to the user, did you?
> That's a bad idea. The email recipient should have her own certificate,
> which has both a private and a public part.
>
> The webserver's certificate (presumably the one you have signed by the
> CA), especially the private key, needs to be kept *private*, and not
> sent all over the place. Using the same private/public key pair on both
> endpoints defeats the purpose of PKI. You would be better off using
> plain old symmetric encryption.
>
>> So, obviously, I can't send that password encrypted. So, my solution
>> is to provide a Web page that the user gets to by an emailed link that
>> has a unique identifier and the user must enter a piece of personal
>> information for verification (in this case, ZIP code). Once verified,
>> they are shown the password on the page. That's the only way I can
>> think of to do it. Is that a good solution or does someone have a
>> better way?
>
> I'm sure there are some good products out there to handle this.
> Personally, for email encryption I always prefer the OpenPGP family of
> tools (including GnuPG and commercial PGP). End-users can install PGP
> on their systems, generate public keys, and then send them to the
> webserver. No passwords need to be handed out---they will come up with
> their own passphrases when they generate their public/private key pairs.
>
> --
> Erik Arneson <dybbuk@xxxxxxxxx>
> GPG Key ID : 1024D/62DA1D25
> BitCoin : 1LqvuGUqJ4ZUSoE7YE9ngETjwp4yZ2uSdP
> Office : +1.541.291.9776
> Skype : callto://pymander
> http://www.leisurenouveau.com/

I used OpenSSL to generate the P12 file (I haven't actually sent this to anyone since I'm still testing). So, I assumed that it was okay for distribution. Perhaps not. At any rate, I like the idea of OpenPGP better. I'll see how to do that.

Thanks!
Floyd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php