"Richard Booth [Web Developer]" <[EMAIL PROTECTED]> writes: > When performing a post from a non-secure sever to a secure server is the > connection made secure before any data passes through? It's not clear what you mean here. Servers don't typically post to other servers. Perhaps you mean when a client is dereferencing an HTTPS URL fetched from an HTTP server.
In any case, in any HTTPS transaction the entire SSL handshake takes place before any application data is transmitted. > If yes or no can you > direct me to documentation if possible? RFC 2818 (http://www.rtfm.com/rfc/rfc2818.txt). -Ekr ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]