James Treworgy wrote:
>
> I would absolutely *not* do this, [mix SSL and non-SSL content] unless you want your
>web site users to
> see a message from the web browser saying "this page has both secure and
> insecure information. Do you want to proceed?" every time they user your
> site. This does not instill confidence.
Good point Jamie. However, for some users this may be necessary, there
is nothing in the protocol against doing this, the browser warnings are
browser-dependent (Netscape doesn't give a peep) and can be switched
off. Users have to choose for themselves how they want to use SSL.
Rgds,
Owen Boyle.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]