Public Key Encryption and Internet

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Public Key Encryption and Internet

Message

03/06/2002 21:52:34

Albert Ballinger
Ballinger Consulting
Houston, Texas, États-Unis

03/06/2002 19:54:25

Shawn Burke
Dri Management Systems
Newport Beach, Californie, États-Unis

Information générale

Forum:

Visual FoxPro

Catégorie:

Codage, syntaxe et commandes

Titre:

Re: Public Key Encryption and Internet

Divers

Thread ID:

00664292

Message ID:

00664308

Vues:

>I'm doing research on the feasiblility of trading encrypted information via the web between our system and someone we want to integrate with.
>
>From postings here, my understanding of Public Key Encryption is this. If I want to encrypt something for YOU to read, I encrypt it using my Private key and your Public Key (public may mean its on another server, or written down or whatever... just that its known). Then when the file gets to you, you use YOUR Private and YOUR Public key to decrypt. So if this is wrong, someone stop me now before I get dangerous.

Correction:
If I want to encrypt something for YOU to read, I encrypt it using MY Private key and then encrypt the result with YOUR Public Key. Then when the file gets to you, you decrypt with YOUR Private key and then decrypt the result with MY Public key.
http://developer.netscape.com/docs/manuals/security/pkin/contents.htm

>
>So I assume that with the internet we use the Digital Signatures from Verisign or some other company (what other ones?). This is our Public/Private key; we'd have a Cert from Verisign and so would they.

Only if you need strangers to know your public keys. This doesn't seem necessary for your scenario.

>
>So the questions:
>1) What program or API do I use to work with these keys? Is it just a simple call to encrypt/decrypt or do I have to write all the code.
>2) What methodologies are best for transmitting the data, or perhaps even better, what is already written that would allow this. Some thoughts are
> a) Simple Email - someone suggest sending the encrypted file as an attachement. That's fine, but how would I get the file from the mail server?
> b) FTP - I don't think this is a great idea since FTP seems to suffer from some security concerns
> c) SSL data tranfer via HTTPS - This is the idea I think is best but its implementation scares me. Is it easy to open an HTTPS stream and move the files between it?
>
>And finally, if there's a completely differnt thought that I'm missing, I'm all ears...
>
>Shawn
sftp is a candidate:
Main site: http://openssh.org/
One Windows port: http://www.networksimplicity.com/openssh/

Répondre

Fil

Voir

Click here to load this message in the networking platform