[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: https question
At 11:07 AM 7/22/2004 -0500, you wrote:
>I notice that some "secure" sites are still
>in http when they ask for the username and password,
>and _then_ they go to https.
>
>Is the username and password encrypted before going
>to the https site? Or should these web sites go
>to the https site, first, and then ask for the
>username and password?
>
>--Chet
Almost all of the time the link that sends a UID/PW is *TO* an SSL site;
the page you're ON is unencrypted, but as soon as you open the next link,
it's encrypted. Turn on the security pop-up dialogs to see where the link
is going (i.e to SSL from non-SSL & non-SSL from SSL).
Lee
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.