Secure Emailing of Form Results

E

Edwin Hannan

Hi All
Using Frontpage 2003 in the UK

I have a website that collects financial information (Mortgage & Loan
application forms) and am investigating ssl email, email encrytption (pgp)
I understand that to encrypt an email that the application has to be running
on the email server (ISPs email server) to generate a pgp key etc...

Anybody have any info at all on this and if its available to us FP users?

This is heading our way - fast (data protection etc..) so it will be that
any personal data given on a form will have to be secure??

there must be a cost effective solution somewhere

cheers

Ed
 
S

Sparky Polastri

Your questions are outside the scope of FrontPage.

At the very least, you will need an application running on the local SMTP
server that encrypts the email contents.

Also note, in the USA, the auditors of the regulatory bodies in charge of
financial companies take a really dim view of customer information being
emailed at all. You may find that the UK has even more restricted policies
(or so I have heard).

For best security, you need your server to be attached to your local network
so you can access the data directly. You need to get a professional to map
out your security plan. The very fact that you asked "how can I do this
with FrontPage" indicates you need professional help.
 
S

Steve Easton

On the servers my sites are hosted on ( Apache/UNIX ) there is an option to manage OpenPGP
keys
Unfortunately however, I've never played with it.

I have however played with Gnupg at the client level, and even wrote a gui to manage it so
the user isn't forced to do everything from a command line.

What I've learned:
1. Anything over 2048 bit encryption is a waste of resources. ( processor resources when
encrypting data )
2. It's really not that safe.
3. The NSA has recently released a standard for Federal Gov public key use that bypasses
RSA x509 and Open PGP standards. Which means the old standards are considered unreliable.

In ending I would consider Sparky's advice as extremely valid.
You need a secure server and a security certificate to do what you want.
You do not want to send CC or personal info via email in any way shape or form.
You need it saved to a password protected area of a secure server where you can then log
on to retrieve it.

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed..................
...............................with a computer
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Please Help Me Secure My Form Results!!! 1
Form Results: supress data in email? 1
Shared SSL and FP2000 Form 4
Secure Site Form and saving data? 7
Forms & Emailing results 4
SSL 4
can't send my windows mail. 1
Error Messages on windows email, cannot receive or send email 3

Top