[thelist] SSL/https question from non-techie

Tara Cleveland tara at taracleveland.com
Wed Jul 24 22:22:30 CDT 2002

Hi all you security-type people,

I have a question that is mostly out of curiosity...

I was under the impression that a form had to be SSL (with the lock and
https) in order to be properly secure. On my ISPs "secure" customer care
site they've got a form on a regular http page where you fill out your
username and password. The form *is* sent to an https page after you hit
submit. But wouldn't my username and password be sent non-securely (is that
a word?) from my machine to that https page? They claim it's secure, but
I've always been told that the info has to be sent from a secure page.

Just wondering...

Tara Cleveland
Web Design and Consulting

More information about the thelist mailing list