[Zope] Security questions all around.
Dieter Maurer
dieter@handshake.de
Tue, 28 Jan 2003 20:12:33 +0100
Alec Munro wrote at 2003-1-27 13:52 -0400:
> ...
> First off, and the way I would ideally like to do it, since I have
> invested the most time in it, is calling a python script that would make
> an HTTPS connection to the payment gateway, process the returned
> information, and give the user some feedback. A plus of this method is
> that the user never leaves my site. The current problem is my limited
> understanding of SSL. I get a SSL_CTX_use_PrivateKey_file error, raised
> in the httplib module.
Apparently, you want to learn something about SSL support
in "htmllib".
Ideally, it would be documented.
Because documentation is often behind the software,
look into the latest available documentation and check
whether it works as described their.
If necessary, look at the source.
> Second, I can have the user submit the data directly to the payment
> gateway, and allow the payment gateway to redirect them back to a
> summary page. The problem is then confirming that the user is actually
> being redirected. My payment gateway returns the data signed with PGP,
> but I have almost never worked with PGP, and I would have little idea
> where to start.
Again, find PGP documentation and read it.
Dieter