Alan's right...it's insecure all the way down to the "login" window.
OpenSRS has, in the past, used pretty URLs with frames to make for easier
access to hard-to-remember URLs (e.g., http://resellers.opensrs.net instead
of https://rr-n1-tor.opensrs.net/~vpop/resellers).
In those cases, the frames page was insecure, but the content in the inner
frame was secure. That doesn't appear to be the case here (the form action
is even a relative URL, and the frames page and references within it are all
insecure).
I'm not keen on the idea of shooting my OpenSRS username and password over
an insecure link...
Regards,
Eric Longman
Atl-Connect Internet Services
+-------------------------------------------------------+
| Atl-Connect Internet Services http://www.atlcon.net |
| 3600 Dallas Hwy Ste 230-288 770 590-0888 |
| Marietta, GA 30064-1685 [EMAIL PROTECTED] |
+-------------------------------------------------------+
----- Original Message -----
From: "Alan DeRossett" <[EMAIL PROTECTED]>
To: "Discuss-List@Opensrs. Org" <[EMAIL PROTECTED]>
Sent: Monday, March 12, 2001 7:50 PM
Subject: Re: OpenSRS Live Reseller Update 03/12/01: Web Certificates!
I got a Insecure page with the user agreement in a frame asking me to
login with my RSP name and password if I accept the terms. I would think
the page should be using SSL and
a tucow Cert.
Alan DeRossett
Digital Starlight Communications Inc.
Csongor Fagyal wrote:
>
> There's still something wrong with this...
> http://certs.tucows.com/gettingstarted2.html
> gives me an error page.
>
> - Cs.
>
> ----- Original Message -----
> From: "Ken Joy" <[EMAIL PROTECTED]>
> To: "David Denney" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Monday, March 12, 2001 11:54 PM
> Subject: RE: OpenSRS Live Reseller Update 03/12/01: Web Certificates!
>
> > Must have been something wrong on your end :)
> >
> > (sorry 'bout that folks.....it's fine now)
> >
> > Thanks,
> >
> > Ken
> >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of David Denney
> > > Sent: March 12, 2001 5:37 PM
> > > To: [EMAIL PROTECTED]
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: OpenSRS Live Reseller Update 03/12/01: Web Certificates!
> > >
> > >
> > > On Mon, Mar 12, 2001 at 05:19:29PM -0500, [EMAIL PROTECTED] wrote:
> > > > http://certs.tucows.com/gettingstarted.html
> > >
> > > When going to this site, and click thru to "Take me to the Agreement"
> > > I get an error. Upon further investigation, it appears as if your
> > > HTML references a hostname "n1.opensrs.net". From here, that host
> > > resolves to "10.0.2.7" which is not routable on the Internet. :(
> > >
> > > Please let us know when you fix this ...
> > >
> > > > Happy Certificate Selling!
> > >
> > > If only we could _get_ to your site ...
> > >
> > > > Darryl Green
> > > > Web Certificates Product Manager
> > >
> > > --
> > > David Denney | D i m e n s i o n a l C o m m u n i c
> > > a t i o n s |
> > > [EMAIL PROTECTED] | DSL/V90/K56flex/V34/ISDN/Frame/T1/T3
> > > starts @$12/mo |
> > > 303.285.INET voice | http://www.dimensional.com/
> > > [EMAIL PROTECTED] |
> > > 888.3.DIMCOM tollfree | Denver * Boulder * Longmont * Bailey *
> > > CO-Springs |
> > >
> > > ...they can have my ssh when they pry the keyboard out of my
> > > cold, dead hands!
> >
