SSL/PGP
[Getting PGP | Installing PGP | Using PGP]
SSL
Frontier Total Web's Servers use SSL to encrypt Web pages. SSL stands for Secure Sockets Layer, and is an industry standard used to encrypt information presented by a Web site. SSL allows you to send and receive credit card transactions safely from your Web page to your customer. Your customers can be assured that their Credit Card information will be safely encrypted when they submit their financial information.
PGP
Frontier Total Web's Servers use PGP for e-mail encryption. PGP is a military grade encryption product which is publicly available to U.S. residents through most of the common e-mail programs, or from Network Associates for a small fee. There is a good chance you may already have PGP capabilities on your computer. If you do not already have PGP, you will need to install it. PGP allows you to store, send and retrieve sensitive information in an encrypted manner.
This section will help prepare for Electronic Commerce through a Web site.
How does Encryption work?
Single Key
The simplest forms of encryption use a Single Key method, like a secret decoder ring. A Single Key Encryption Algorithm means that there is one "key" used to both encrypt and decrypt a message. For example, if I want to send a message to my friend that is in secret code, we must determine the code we will use to encrypt the message beforehand. Let's say we decide that A= 1, B=2, C=3 and so on. As long as we both know this, we can safely send each other messages like "20-8-9-19 9-19 1 19-53-18-5-20 13-5-19-19-1-7-5." All we need to decrypt this message is the same Key. There are some potential security problems with this method. My friend and I will need to meet and exchange the key before we can use it. We can't safely e-mail it to each other because some hostile party may intercept the transmission, nor can we leave the key up somewhere for retrieval by persons with whom we want to communicate.
Public Key
Public Key Encryption involves two keys and a passphrase. When you generate the keys to encrypt and decrypt a message, you generate a pair of keys. One of these keys is your Private Key, the other is your Public Key. To decrypt a message using the Public Key method, you need to have both keys, and a passphrase that ties the keys together. You can safely share your Public Key with the whole world, since your private key and a passphrase are needed to crack the message. PGP uses a Public Key encryption method.
Why do you need it?
Data travels over the Internet in "Plain text" -- that is, the text is fully readable. No encryption takes place unless the sender forces encryption onto it. A "Hacker" can intercept messages and read them relatively easily. There is no way to avoid this currently, nor is there reason to be alarmed, since most Internet content is meant to be read by all. Since we can't stop people from "listening in", we must encrypt private messages before they travel onto the Internet. The hacker will still be able to intercept the transmission, but what they get is entirely unreadable. Below is an example of an encrypted message.
----- BEGIN PGP MESSAGE ---
qANQRlDBwE4D3ls75YisLYQQA/sFiDjYc2vJcZQ5COEqIBAuqFQ
P3URud5N1dUFCD119iYT6yyPZmwbNj2 +Bd1U8vfa1rLP5vXN6HT
aVy2TC4zCObuQ9S9dtH3YWPaqbWFHDA+PpkhAEuabQQlgopU
K5x27Uov532/YAFaTfCM7OrWrAtqk~uxiYyJX8XdtTJdo5QgQAkk
qJOQjSvepPzadC5YdwwkFAehXc/mLmnLjyhf6HhFaYfcxZkjKO811
afr7SqE6HwHBwU4DGbEeuhciIGQQCACyLbOVUel8m2WH6F~7
OP5Avn2oBrr3~z7ZP7jBZK4NHj8ZdsUJP6bvOaGINUOOOCRfwl1
v6ERbHHVoHHwCjrGvPVb2GPs9Yxcv7h8us +jYc4JwM4WKhZGX
dov
----- END PGP MESSAGE ---
Only the person(s) intended to read this message can decrypt it, using PGP.
What do you need to do?
- Get PGP
- Generate a Key
- Backup your Keys!
- Send your Fulfillment Representative the Public Key
- Test PGP
[Getting PGP | Installing PGP | Using PGP]
