Zip Project

Shroder

I've been trying to think of a solution for this project I have for a while now. I turned to VB but I'm running into walls with that now, so I'm kind of turning back to what I'm more familiar with.

I am trying to get a file to a web server and then be immediately encrypted and zipped. It needs to be able to either be a self-extracting zip or able to be open via WinZip.

My second concern is this file must be encrypted with 128 bit encryption at all times for legal reasons.
I know I can use SSL to get the file up there but as soon as the transfers done I think the file becomes unencrypted. Is this true? and does anyone have any ideas as to how I can somehow keep it encrypted?

If I have a script that encrypts/zips up the file once it is uploaded to the server I know it will be a matter of a few seconds that it will be sitting there unencrypted. Unfortunately that is against the law. Or would the process be instant?

nemonoman

'Practically' instant. Microseconds, not seconds.

Cloud

Tha'ts what I thought. I may be able to get away with that then. Any ideas on getting it encrypted/zipped?

nemonoman

Let's hope one of the encryption wallahs answers the encryption question. I'll answer the legal question with some practical advice.

You say you're legally required to have the file encrypted at all times. This sort of a requirement is a legal fiction crafted by technically fuzzy lawyers, not by programmers.

You're describing, I think, uploading a cleartext file using SSL, and then encrypting it as it hits the server?

Since you are moving at the speed of electrons and as fast as practically possible, I would not be fastidiously precise in discussing the process with lawyers or executives.

Use words like 'instantly' and 'moment'...imprecise maybe, but highly suggestive of the practical case. "The file is instantly encrypted the moment it hits the server.' That there are nanoseconds when the file sits in plain text is a matter where discretion and circumspection will have a better result than precise and confusing explanations.

Trust me on this.

drawmack

you probably want to use pgp for the encryption on the server side.