[thelist] https question

Anthony Baratta Anthony at Baratta.com
Fri Jan 10 15:36:01 CST 2003


At 12:10 PM 1/10/2003, Aleem Bawany wrote:
> > While it's not proper form to submit from unsecure to
> > secure, the browser and server need to setup the secure
> > channel each time prior to sending the data. It setup and
> > tear down each time, irregardless of the referring page.
>
>So if there is a secure page on the recieving end, but the
>page POSTing is unsecure, it will encrypt the data
>before sending? I am not sure how that would work but a
>regular post request looks like this:

Yes. The Protocol is setup first, then the data is sent.

BTW - The page is only "secure" during the transmission of the data between
the browser and the server. Just because you start from an "unsecure" page
doesn't invalidate the next connection to a "secured" page.

It's the reverse you have to worry about because then the data *is* sent
un-encrypted.
---
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."




More information about the thelist mailing list