note sundialsvc4 <p> SSL connections provide several ways to restrict the acceptable certificate values that are presented, although these features are not commonly used in the Wooly Wild Internet. &nbsp; Connection verification should be done at a protocol level. &nbsp; Man-in-the-middle attacks should be prevented thereby. &nbsp; If you trust the server you&rsquo;re talking to, or the client you&rsquo;re listening to, then HTTPS will transfer the bytes correctly. </p><p> Another way to do it on a more general scale is to use VPN with individually-issued digital certificates. </p><p> &ldquo;Trust,&rdquo; however, can be a big question, because, in the case of a data file, you must trust the file not the transport. &nbsp; &ldquo;Even if the message is being delivered by carrier pigeon, you must be able to trust the <em>message,</em> not the bird.&rdquo; &nbsp; If you return to the message weeks or months after delivery, you must still be able to authenticate its content. &nbsp; The only way to do <em>that</em> is with a cryptographically signed file. &nbsp; Tools like <tt>gpg</tt> can do that, whether or not the message itself is encrypted. &nbsp; Your <em>entire</em> company workflow, not just this Perl program, must support that in order for it to be meaningful. </p> 1020470 1020470