[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https question



At 11:07 AM 7/22/2004 -0500, you wrote:

>I notice that some "secure" sites are still
>in http when they ask for the username and password,
>and _then_ they go to https.
>
>Is the username and password encrypted before going
>to the https site?  Or should these web sites go
>to the https site, first, and then ask for the
>username and password?
>
>--Chet

Almost all of the time the link that sends a UID/PW is *TO* an SSL site; 
the page you're ON is unencrypted, but as soon as you open the next link, 
it's encrypted. Turn on the security pop-up dialogs to see where the link 
is going (i.e to SSL from non-SSL & non-SSL from SSL).

         Lee


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.