httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Sabatke <jsaba...@execpc.com>
Subject Re: [users@httpd] Encrypting things
Date Sun, 16 May 2004 23:33:50 GMT
Brent 'Dax' Royal-Gordon wrote:
> Nor would an implementation that used, say, PGP really be secure--your 
> private key has to be somewhere the server can read it, and if the 
> server can read it, chances are so can anybody with shell access.  So 
> it's not really secure, now is it?
> 
> So, if your question is "can I encrypt stuff and have Apache 
> automagically decrypt it before transmitting?", the answer is "yes". But 
> if your question is "can I encrypt stuff for security and have Apache 
> automagically decrypt it before transmitting?", the answer is "no".  It 
> won't be secure.
> 
> (And if you want it to be encrypted before transmitting and then 
> decrypted on the other end, that's what SSL is for.)
> 

Thanks for the detailed response.  One more question, and 
I'm just learning about web technology, how about asking for 
a password and then using that to decrypt a file?


-- 
Jim Sabatke
Hire Me!! - See my resume at http://my.execpc.com/~jsabatke

Do not meddle in the affairs of Dragons, for you are crunchy 
and good with ketchup.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message