I wanted to drop a note here before I went off hacking away only to find that I did something wrong.

I have a site that will be doing secure transactions via SSL and interfacing with Signio via PERL. This is all fine and dandy. I plan on using PGP (v5 installed on the FQ servers) to send the transaction data to myself for recordkeeping purposes. This is where I have questions.

Per Rich's fine instructions I generated the keys and have the private one locally. What about decryption? What version of PGP do I need on my PC (WinNT4/2000)?

It seems that the only commercial version of PGP that you can buy is v6.5.3 from McAfee for $20, but I downloaded (not installed) the freeware US and International versions of PGP for versions 5.0, 6.5.2 and 6.5.3 too. Which one(s) do I need to use?

Thanks...

Ben

For your purposes any of the versions you have should work fine. If you want to easily encrypt/decrypt within your email package, especially Outlook, use 6.5.2 or 6.5.3. V6.5.3 was released for win2k and outlook 2k. I'm still using v6.5.2 with Outlook 2k and everything works fine.

Since you are using PGP for commercial use, you should probably use the commercial version if you are in the US or Canada. Outside the US/Canada, only the international version is available.

Rich

Rich:

Thanks. I just wanted to verify that I was able to use the versions that were available (namely, v6.5.3) when the only thing on the server was v5.0 and you answered that question.

Investigating this whole ecommerce issue is pretty intense if you aren't expecting it and there doesn't seem to be any easy way out. You just have to bite the bullet at some point. I have never seen a shopping cart that looked like something I'd EVER want to even think about using. All of the services and packages out there always seem to look like cookie cutter packages to my eyes. I want my customer to see my company and ONLY my company, period. I tend to be one of the "if you want it done right..." types. This isn't always a good thing. :)

Anyway, I have the Signio connectivity happening, I've written the "cart" interface myself (I only have a few items and I am a PERL jock, so to speak) and want to make sure that NOTHING ever gets stored on the server - which, of course, means securely mailing myself everything.

Now I just have to decide how best manage it when it gets here...