Title:
I take it you are suggesting using https for the outside frame, and http for the inside frames?
 
First of all, why would you want to mix http and https? I haven't tested this, but even if a warning doesn't come up, some users will cotton on to your "smoke and mirrors" of security.
 
Notwithstanding that frames suck big time.
 
John
-----Original Message-----
From: Jody Fraser [mailto:[EMAIL PROTECTED]]
Sent: 02 June 2000 00:23
To: [EMAIL PROTECTED]
Subject: Re: Insecure information

What about using the mixed-mode approach with HTTP and HTTPS, using frames?


At 06:06 PM 6/1/00 -0400, you wrote:

>>>>

You cannot mix HTTP and HTTPS in one page, regardless of the content type, if you want to avoid that message. The bottom line is that you'll need to deliver ALL elements of the page *including images* via HTTPS.

Hope this helps.

--Cliff

Cliff Woolley

Central Systems Software Administrator

Washington and Lee University

<http://www.wlu.edu/~jwoolley/>http://www.wlu.edu/~jwoolley/

Work: (540) 463-8089

Pager: (540) 462-2303


>>> [EMAIL PROTECTED] 06/01/00 02:56PM >>>

I have installed my secure web server and get the test certificate

from verisign. I was trying some of my web pages that using

<https://mydomain/test.html. >https://mydomain/test.html. Then, a window pop-up and indicate that

some of the information is not secured, so it will not be show on the

web page. All of the insecured informations are picture which is using

jpeg or gif format. I wonder what is wrong with those pictures. And

How to overcome this problem.



<<<<




=====================================================

Jody Fraser, CISA, CISSP - Lucent NPS

Pager (800) 467-1467 Mobile (916) 769-5751

email: [EMAIL PROTECTED] [EMAIL PROTECTED]

===================================================== ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]

Reply via email to