From owner-freebsd-isp  Wed Apr 19 17:50:30 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from wizard.teksupport.net.au (wizard.teksupport.net.au [203.17.1.1])
	by hub.freebsd.org (Postfix) with ESMTP id 042E237B7FB
	for <freebsd-isp@FreeBSD.ORG>; Wed, 19 Apr 2000 17:50:26 -0700 (PDT)
	(envelope-from robseco@wizard.teksupport.net.au)
Received: from warlock.teksupport.net.au (warlock.teksupport.net.au [203.26.69.3])
	by wizard.teksupport.net.au (8.9.3/8.9.3) with SMTP id KAA20794
	for <freebsd-isp@FreeBSD.ORG>; Thu, 20 Apr 2000 10:50:22 +1000 (EST)
Message-ID: <00f601bfaa61$e4caaa60$03451acb@teksupport.net.au>
From: "Rob Secombe" <robseco@wizard.teksupport.net.au>
To: "FreeBSD-ISP" <freebsd-isp@FreeBSD.ORG>
References: <Pine.BSF.4.21.0004200910210.51518-100000@guru.citec.qld.gov.au>
Subject: Re: credit card handling.
Date: Thu, 20 Apr 2000 10:46:40 +1000
Organization: 
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2014.211
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Correct !

You need to encrypt your message (ie credit card transaction) with the
recipient's, in this case, the merchant/vendor's public key. The recipient
then uses their private key to decrypt the message.

Rob.


----- Original Message -----
From: Colin Campbell <sgcccdc@citec.qld.gov.au>
To: Jim Flowers <jflowers@ezo.net>
Cc: Matt Heckaman <matt@ARPA.MAIL.NET>; FreeBSD-ISP
<freebsd-isp@FreeBSD.ORG>
Sent: Thursday, April 20, 2000 9:13 AM
Subject: Re: credit card handling.


> Hi,
>
> On Wed, 19 Apr 2000, Jim Flowers wrote:
>
> > Just install the pgp port and read the documentation.  From what I
recall
> > you pipe your email output to pgpe and from their to sendmail having
sent
> > the public key to the recipent machine previously.
>
> Isn't this round the wrong way? By encrypting with your private key anyone
> with access to your public key can decrypt it. Would it no be better to
> use the public key of the recipient so that only they can decrypt the
> message?
>
> My understanding of PKI is:
>
> - use your private key for signing things to prove who you are. Anyone can
>   use your public key to verify the identity of the sender.
> - use the recipient's public key for encryption since only they can
>   decrypt the message
>
> Colin
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message