On Sun, Mar 2, 2008 at 6:42 PM, Martin Gainty <[EMAIL PROTECTED]> wrote: > PCI-DSS calls for encryption on all channels where payment information will > be transmitted is the configuration described here non PCI-DSS compliant?
No, PCI-DSS calls for encryption of card data across open, public networks. If your connection between Apache and Tomcat is open and public (not common, typically it is on a secured LAN, then yes, your typical mod_jk or mod_proxy_ajb would not be sufficient. -Dave --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
