Re: Encryption information requested.
From: Graper (graperdude@aol.com)Date: 04/24/02
- Next message: Rob J Meijer: "Re: Intrusion Detection Systems"
- Previous message: Chris Greiveldinger: "SSL: Expired Root Certificates in chains"
- In reply to: Bob Warner: "Encryption information requested."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: graperdude@aol.com (Graper) Date: 24 Apr 2002 10:06:36 -0700
The latest major browsers already have Secure Sockets Layer (SSL)
embedded in the browser. No software to buy. Instant compatibility.
As long as your company doesn't need to authenticate the customer via
SSL, you can establish a SSL link without the customer having to do
anything.
If your transactions are email based, then the email client of the
browsers are able to handle SSL transactions. Your company will need
a certificate, which the customers will download (or which you will
send via email). Your customers may also need a certificate, but you
can set up a process where they can get one from your website.
The web-based approach is the easiest because it's mostly transparent
to the customer. The email approach has a learning curve and requires
the customer to do some things. For the tech savy, it's a snap. For
the technically challenged it can be somewhat confusing, but no more
than trying to explain/use any other encryption product. Turn-key
crypto isn't quite there yet on the email side.
The nice part about using the built-in SSL is it's basically free. No
new software to buy or install. No direct cost. Upgrades occur
automatically and incrementally with each new version of browser
release.
bob.warner@state.co.us (Bob Warner) wrote in message news:<dbb6858f.0204230703.61ee60c6@posting.google.com>...
> Hi. This is probably the wrong forum, but, if not, maybe someone can
> point me in the right direction.
>
> I am in the process of recommending encryption methods for users
> submitting electronic data to us for processing. While I generally
> understand encryption and the use of public/private keys, what I don't
> know is how to compare to competing encryption products. I understand
> that we need to recommend a product which allows for 128 character, or
> higher, encryption, but what other things should I recommend to our
> users.
>
> In other words, what distinguishing factors make two competing
> encryption products compatible? Obviously, it would be beneficial for
> us to decrypt a file submitted by a user who might be using a
> different product. In this recommendation, I have to allow for the
> ability of each user to work an encryption product into their budgets.
>
> TIA for any assistance you can give me.
>
> Bob
- Next message: Rob J Meijer: "Re: Intrusion Detection Systems"
- Previous message: Chris Greiveldinger: "SSL: Expired Root Certificates in chains"
- In reply to: Bob Warner: "Encryption information requested."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
