I was wondering what the most secure way to receive hosting orders would be. It looks as though PGP is the best but it isn't installed on my server (shared virtual server running Solaris 7). Unfortunately, I don't have root access so I don't think I'll be able to use it. Is there anyway to get PGP to work without root access? If so, how?

Are there any other alternatives to use besides PGP?

JTM

third pary cc prossesor?

I would like to download the order to my workstation so I can put the information on a server on my network. I also don't want to have the orders processed in real-time due to the amount of fradulant orders.

I was thinking of using something like PGPformmail.cgi and have the results sent through email then decrypted using PGP. If this wouldn't work then I was wondering if there's some other way to do this.


JTM

Two questions you need to answer:

Is your email server running on the same machine?
If not, do you trust the network between them?

If the answer to either of these questions is "yes," than you can use pop3s or imaps to check your mail, and use a regular plain-text email to take your orders.

Note that this is not as secure a solution as PGP -- if your server or another machine on your network is compromised, your emails can be compromised as well.

However, barring that, no one else will be able to snoop your mail. IMAPS and POP3S use SSL to encrypt your connection to the server, instead of encrypting the email itself. The benefit is that you can use any standard email client (outlook, netscape, etc) to check your mail, and you dont need to install 3rd party PGP software wherever you check your email.

Please let me know if you have any questions or that explination wasn't clear enough. ;)

-Dan