[Enigmail] Small question about redistribution of enigmail

Faramir faramir.cl at gmail.com
Sat Jun 14 02:01:38 PDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert J. Hansen escribió:
> John Clizbe wrote:
>> For an e-commerce site, you should only have to implement S/MIME mail
>> signing/encryption. The web part should be fairly cookbook.

  If web part means the certificate for SSL, yes, it was really easy

> Or, for that matter, do what professional ecommerce sites do: shrug and
> say "we're not going to worry about this, we're just going to put those
> mechanisms in place the credit card companies say we have to do."

  Our policy is: "let paypal take care about that". We don't really want
to have to answer difficult questions about security, so...
  About local banks and ecommerce, I would have to deal with
"transbank", but I couldn't find a clear policy, what I found was a
contact form to ask them to contact me (and their phone number, in case
I want to call them to ask details)... and since their policy is not to
talk with customers, just with institutions (the customer's bank, or the
store), I think they wouldn't like to hear "well, I am an student, and
this store will never actually sell anything".

> Part of good engineering is not making design decisions before you have
> to.  Making a commitment to a particular kind of ecommerce security
> solution before knowing what the real world uses for them seems to be a
> violation of this rule of thumb.  :)

  Well, the idea was to provide "secure" email communication with
customers, in case they need support, or something goes wrong. I am
using osCommerce, so I really hope the built in modules, or the addons
modules can handle the paypal integration. I just finished setting up
the sendmail feature, and I have not had time to test it.

  If I am going too much off-topic, please tell me, so I can stop...

 Thanks for the advices
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBAgAGBQJIU4jxAAoJEMV4f6PvczxAr04IAIltkM9L6SnYbLwJIHFHzSF2
n3ECdYRFYWYihrx2DkPREvhoeA5YMOBQvd3IpphpRQVBvGPHb0FBHbbIRx9xazoQ
JC6DhkrZb2JR/PFWbyDfpQD688hz7LjV1ie7AQ2wVX6ODJ2dUNW7crm9XD3ikqFN
2+vfmkbuXqGiicYmHom39eCaNIGanu06eoWWxK3eXNf0g/7XmzHyU5QA0Xa/RSjU
zhwFGg4swL1/KiKmOJVBa8QAmlkUX1DUfVSg+MmltD2IpLd57FGL6+iD7j5+HE2z
0IL2XK7+nkV4Ht9IziP0SSBlpwK1/7qcUtTUrzbx3tp8ii1tJDNVt0rtFzL0LW0=
=nn/2
-----END PGP SIGNATURE-----


More information about the Enigmail mailing list