Thanks guys. We are sending the l/p from a db call behind the scenes so the lack of the lock is not too much of a concern I just wanted to avoid having to put a cert on my site...
sean -----Original Message----- From: Matt Robertson [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 2:37 PM To: CF-Talk Subject: RE: Http to Https Secure Transmission? Listen to what Barney said. Verisign is in the business of selling certificates and they BS'd you, from the sound of it. As was pointed out, a form without the little lock on it is not secure insofar as a user is concerned. They'd have to do a View Source to see the secure form post addr, which very few will do of course. -------------------------------------------- Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com -------------------------------------------- I've stopped 47,866 spam messages. You can too! Get your free, safe spam protection at http://www.cloudmark.com/spamnetsig/ -----Original Message----- From: Sean McCarthy [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 11:09 AM To: CF-Talk Subject: Http to Https Secure Transmission? Hi, We are about to rollout access to a Commerce 1 application server through single sign-on from the intranet. Will a SSL cert need to be on both ends to make the connection secure(the form submitting the Login/Pass and the C1 server)? I have received varying answers on this subject. Verisign says yes definitely. But then I look at sites like this: http://online.firstusa.com/bolHome.aspx?partner=fusacorp and the login page is non sol submitting to a sol page? Is this information sent in the clear? I assume so? Unless it is being encrypted before being sent? thanks for your input sean ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
