[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https question



Quoting "clangin@siu.edu" <clangin@siu.edu>:

> 
> I notice that some "secure" sites are still
> in http when they ask for the username and password,
> and _then_ they go to https.
> 
> Is the username and password encrypted before going
> to the https site?  Or should these web sites go
> to the https site, first, and then ask for the 
> username and password?
> 
If you view the source of the page and the "ACTION" tag of the form specifies an
https address, any information you submit will be encrypted.

Some people use http forms and https links to scripts to save processor overhead
because it's silly to encrypt the html form and accompanying images all the
time when all it does is make people feel a little bit more secure (and that's
only the people sentient enough to notice).

Ken Hagan
Technology Consultant
Alacrity-IT, Inc
http://www.alacrity-it.com/
618.499.0108

----------------------------------------------------------------
This message was sent using Alacrity-IT Webmail
	http://www.alacrity-it.com/

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.