Dear Francis, > Only one person (or very limited group) will receive the encrypted > message by email. It will hold customer information need by the sale > rep. So no user will have to deal with the encrypted data. > > Server receive customer info -> encrypt critical info -> sent email to > sales rep. > sales rep. decrypt the information.
If I understand your problem, I think that the best course of action is using GPG (GNU Privacy Guard), possibly with its Python module ( http://wiki.python.org/moin/GnuPrivacyGuard). When you need to send the critical info to the sales representative, you encrypt it and send it as an encrypted mail message. Then, the GUI could just be Mozilla Thunderbird, or any other OpenPGP-enabled e-mail client. This should make both server-side implementation and client-side deployment rather easy. As for safety, nothing is safer than OTP, but are we sure that your customer is able to go to great lengths to distribute long key streams over a perfectly safe channel to the sales representatives? Remember that if you make it cheaper to get the information by breaking into your public web server rather than eavesdropping on the connection, then you have just switched to a different problem :) Bye, -- Emanuele --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
