[thelist] SSL/https question from non-techie
Tara Cleveland
tara at taracleveland.com
Wed Jul 24 22:22:30 CDT 2002
Hi all you security-type people,
I have a question that is mostly out of curiosity...
I was under the impression that a form had to be SSL (with the lock and
https) in order to be properly secure. On my ISPs "secure" customer care
site they've got a form on a regular http page where you fill out your
username and password. The form *is* sent to an https page after you hit
submit. But wouldn't my username and password be sent non-securely (is that
a word?) from my machine to that https page? They claim it's secure, but
I've always been told that the info has to be sent from a secure page.
Just wondering...
Tara
--
Tara Cleveland
Web Design and Consulting
http://www.taracleveland.com
More information about the thelist
mailing list