On Wed, Sep 25, 2013 at 1:55 PM, Tedd Sperling wrote:
> Hi gang:
>
> I have a client who had his entire site moved to another host -- no big
> problem.
>
> However, the old site had a https directory, where I had secure scripts to do
> credit-card transactions, but the new site doesn't have a ht
On Sep 25, 2013, at 2:24 PM, Tedd Sperling wrote:
>
> I understand that cc processing should be done via https.
>
> Normally, that means to me that I place my $ scripts in a https directory --
> the problem is that I don't have one with this host.
>
> So, I am asking how does one do that with
On Sep 25, 2013, at 1:58 PM, Joshua Kehn wrote:
> On Sep 25, 2013, at 1:55 PM, Tedd Sperling wrote:
>
>> Hi gang:
>>
>> I have a client who had his entire site moved to another host -- no big
>> problem.
>>
>> However, the old site had a https directory, where I had secure scripts to
>> do
On Sep 25, 2013, at 1:55 PM, Tedd Sperling wrote:
> Hi gang:
>
> I have a client who had his entire site moved to another host -- no big
> problem.
>
> However, the old site had a https directory, where I had secure scripts to do
> credit-card transactions, but the new site doesn't have a htt
Hi gang:
I have a client who had his entire site moved to another host -- no big problem.
However, the old site had a https directory, where I had secure scripts to do
credit-card transactions, but the new site doesn't have a https directory -- in
fact it doesn't even have a http directory at a
Thank you
On May 31, 2011, at 12:34 AM, Negin Nickparsa wrote:
I need to create a login page with HTTPS to yahoo
Do I have to have a valid certificate?
I have not trust certification centre, so before anything under
HTTPS will
be shown up, the window will come with information: valid
certificate: y
yahoo don't have ssl enabled on all their content it seems.
http://privacy.yahoo.com/privacy/us/security/details.html
~viraj
On Tue, May 31, 2011 at 11:11 AM, Negin Nickparsa wrote:
> it is the output:
> http://www.yahoo.com/?s=https
>
> can i force it to show me
> https://www.yahoo.com
>
> ?
it is the output:
http://www.yahoo.com/?s=https
can i force it to show me
https://www.yahoo.com
?
I need to create a login page with HTTPS to yahoo
Do I have to have a valid certificate?
I have not trust certification centre, so before anything under HTTPS will
be shown up, the window will come with information: valid certificate: yes,
valid domain: yes, valid authority for SSL key: no.
am I
, May 30, 2011 4:04 PM
To: php-general@lists.php.net
Subject: [PHP] https help
hi all,
I want to write an application that can be logged to yahoo.com using https
protocol
Would you please put me some suggestions and advices?
if ($_SERVER['SERVER_PORT'] != 443) {
header("Location
hi all,
I want to write an application that can be logged to yahoo.com using https
protocol
Would you please put me some suggestions and advices?
if ($_SERVER['SERVER_PORT'] != 443) {
header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
}
Jordan,
Do you have a shared hosting? i.e. you must have hosted your site/page on
some server.
Most of the hosting server these days provide you with the feature of
installing SSL certificate.
So what you need is-
Buy a SSL certificate from a vendor. There are so many of them available
these da
Jordan,
Bostjan hit the main points, but if you're trying to run a secure
server, you probably ought to know more about it than you do now.
It's pretty easy to arrange a secure connection that isn't actually
secure if you don't know what you're doing. I'd recommend a good
Apache book -- I have
You should look up something like "openssl how to create self signed
certificate" on google. Once cert is created, you should look up "apache ssl
howto". The rest is just following instructions intelligently. Or use a
consulting company.
b.
PS: This has nothing to do with PHP, in case you haven't
Hello everybody
I need me a little help.
I have one web page with hhtp protocol, but i need to change in https.
Somebody tell me that I need to create some SSL certificate.
I use some Apache server.
Do you somebody know does is easy and can i do?
Does need to write some php scripts or anything?
On Sun, 2010-08-01 at 13:29 +0200, Jordan Jovanov wrote:
> Hello
>
> I have one web page with hhtp protocol, but i need to change in https.
> Do you somebody know does is easy and can i do?
> Does need to write some php scripts or anything.
>
> Thanks a lot.
>
You need to set up a security ce
Hello
I have one web page with hhtp protocol, but i need to change in https.
Do you somebody know does is easy and can i do?
Does need to write some php scripts or anything.
Thanks a lot.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
PJ wrote:
Don't forget, you have to have a certificate, real or dummy for this to
work. :-)
Note that Firefox makes things difficult for non tech users with self
signed certs, so for a live site open to the public, you really do want
to spend the dough on a certificate from an authority.
Shanon Swafford wrote:
>> -Original Message-
>> From: PJ [mailto:af.gour...@videotron.ca]
>> Sent: Thursday, June 04, 2009 3:59 PM
>> To: php-general@lists.php.net
>> Subject: [PHP] https setup
>>
>> Can't find anything on G or web - but I
Per Jessen wrote:
> PJ wrote:
>
>
>> Can't find anything on G or web - but I probably didn't try hard
>> enough.
>>
>
> Correct :-)
>
>
>> I am unable to set my virtual hosts to handle https.
>> I have apache22, mod_ssl, opnenssl and the httpd and httpd-vhosts.conf
>> files are set up
Michael A. Peters wrote:
> PJ wrote:
>> Can't find anything on G or web - but I probably didn't try hard enough.
>> I am unable to set my virtual hosts to handle https.
>> I have apache22, mod_ssl, opnenssl and the httpd and httpd-vhosts.conf
>> files are set up "correctly" but directing a sensitiv
PJ wrote:
Can't find anything on G or web - but I probably didn't try hard enough.
I am unable to set my virtual hosts to handle https.
I have apache22, mod_ssl, opnenssl and the httpd and httpd-vhosts.conf
files are set up "correctly" but directing a sensitive user information
page to an HTTPS p
PJ wrote:
> Can't find anything on G or web - but I probably didn't try hard
> enough.
Correct :-)
> I am unable to set my virtual hosts to handle https.
> I have apache22, mod_ssl, opnenssl and the httpd and httpd-vhosts.conf
> files are set up "correctly" but directing a sensitive user
> inf
Can't find anything on G or web - but I probably didn't try hard enough.
I am unable to set my virtual hosts to handle https.
I have apache22, mod_ssl, opnenssl and the httpd and httpd-vhosts.conf
files are set up "correctly" but directing a sensitive user information
page to an HTTPS page returns
You are right - Decline the job, you don't want any credit-card stealing on
your head
On Wed, Apr 15, 2009 at 1:10 PM, Richard Heyes wrote:
> Hi,
>
> > To add to what others have said: CC processors with which I have worked
> will
> > audit your site *before* certifying your site to accept CC in
Hi,
> To add to what others have said: CC processors with which I have worked will
> audit your site *before* certifying your site to accept CC information. In
> other words, if you don't do SSL, you won't be *allowed* to process cards.
FWIW, companies exist that will host your "buy" page(s), so
On Apr 13, 2009, at 10:19 PM, Skip Evans wrote:
But doesn't also the form need to be secure since you're sending CC
information from that form back to the web site's server?
That's what I've always assumed.
I need some opinions on this, and if I'm right I think the client
will defer to a f
Sounds like your client wants to end up listed in a Terminated Merchant File.
On Mon, Apr 13, 2009 at 11:19 PM, Skip Evans wrote:
> Hey all,
>
> I've always put any forms that collect credit card information behind a
> secure connection, https, figuring that sending that information from the
> c
On Mon, Apr 13, 2009 at 11:19 PM, Skip Evans wrote:
> Hey all,
>
> I've always put any forms that collect credit card information behind a
> secure connection, https, figuring that sending that information from the
> client browser to the server should be secure, but I'm having convincing a
> clie
Hi,
> I've always put any forms that collect credit card information behind a
> secure connection, https, figuring that sending that information from the
> client browser to the server should be secure, but I'm having convincing a
> client that it is necessary.
>
> He instead insists that only the
On Mon, Apr 13, 2009 at 10:19:34PM -0500, Skip Evans wrote:
> Hey all,
>
> I've always put any forms that collect credit card information
> behind a secure connection, https, figuring that sending that
> information from the client browser to the server should be
> secure, but I'm having convincin
Hey all,
I've always put any forms that collect credit card information
behind a secure connection, https, figuring that sending that
information from the client browser to the server should be
secure, but I'm having convincing a client that it is necessary.
He instead insists that only the
Robert Cummings wrote:
On Fri, 2008-02-15 at 15:05 -0500, Robert Cummings wrote:
On Fri, 2008-02-15 at 14:58 -0500, nihilism machine wrote:
why isnt this redirecting my page to https://www.mydomain.com instead
the page stays at my domain.com
checkHTTPS();
$this->checkWWW();
On Fri, 2008-02-15 at 15:05 -0500, Robert Cummings wrote:
> On Fri, 2008-02-15 at 14:58 -0500, nihilism machine wrote:
> > why isnt this redirecting my page to https://www.mydomain.com instead
> > the page stays at my domain.com
> > >
> > class URL {
> >
> > // Public Variables
> > pu
On Fri, 2008-02-15 at 14:58 -0500, nihilism machine wrote:
> why isnt this redirecting my page to https://www.mydomain.com instead
> the page stays at my domain.com
>
> class URL {
>
> // Public Variables
> public $HTTPS;
> public $ServerName;
> public $WWW;
>
>
why isnt this redirecting my page to https://www.mydomain.com instead
the page stays at my domain.com
checkHTTPS();
$this->checkWWW();
$this->ServerName = $_SERVER['SERVER_NAME'];
}
// Check if HTTPS
public function checkHTTPS() {
On Mon, January 29, 2007 12:30 am, chetan rane wrote:
> i am writing a progrram for a Jabber COnnection manager. I want to
> access
> the client XML using HTTPS. do any one know a way to so it
http://php.net/curl
will get you through the S part of HTTPS nice and easy.
Mucking with the XML, you ha
@lists.php.net
Subject: [PHP] HTTPS
hi everyone
i am writing a progrram for a Jabber COnnection manager. I want to access
the client XML using HTTPS. do any one know a way to so it
Have any one the
--
Have A plesant Day
Chetan. D. Rane
Location: Pune , India
Contact: +91-9890792762
otherID: [EMAIL
hi everyone
i am writing a progrram for a Jabber COnnection manager. I want to access
the client XML using HTTPS. do any one know a way to so it
Have any one the
--
Have A plesant Day
Chetan. D. Rane
Location: Pune , India
Contact: +91-9890792762
otherID: [EMAIL PROTECTED]
[EMAIL P
[snip]
> soapclient('https://webservices.netsuite.com/wsdl/v1_3_1/netsuite.wsdl');
The 's' in 'https' should be all that nuSOAP would need to know that
it should use SSL, if nuSOAP can do that.
[/snip]
Correct. NuSOAP do detect automatically, and if CURL is configured it will
work.
[snip]
> 'ro
[snip]
>
> 'account'=>'theaccountnumber',
>
> 'role internalId="theinternalid"'=>''));
Does that work to set the attribute?
[/snip]
You are correct, that does NOT work. I found out to use soapval instead.
Thank you!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http:
On Wed, March 22, 2006 1:41 am, Peter Lauri wrote:
> I am trying to use a Web Service on the following endpoint
> https://webservices.netsuite.com/wsdl/v1_3_1/netsuite.wsdl. As seen in
> the
> url, it is under HTTPS. I have compiled PHP with CURL and verified
> that CURL
> is working. In the docume
I am trying to use a Web Service on the following endpoint
https://webservices.netsuite.com/wsdl/v1_3_1/netsuite.wsdl. As seen in the
url, it is under HTTPS. I have compiled PHP with CURL and verified that CURL
is working. In the documentation for NuSOAP I can not find how I set the
soapclient to
Hi,
I am trying to use a Web Service on the following endpoint
https://webservices.netsuite.com/wsdl/v1_3_1/netsuite.wsdl. As seen in the
url, it is under HTTPS. I have compiled PHP with CURL and verified that CURL
is working. In the documentation for NuSOAP I can not find how I set the
soapcli
On Thu, 2004-10-28 at 11:01 -0500, Afan Pasalic wrote:
> Hi Robby,
> Yes, I looked at SERVER_PORT/SERVER_PROTOCOL. What I got is 80 and
> HTTP/1.1 when I manually change http:// to https:// I'm getting 443 and
> HTTP/1.1
>
> I am not so good in this: you want to say that SSL use 443 port
>
Well, didn't know that one.
Thanks Greg, didn't know that one :)
Today is successful day - learned something new :)
-afan
Greg Donald wrote:
On Thu, 28 Oct 2004 11:01:53 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
I am not so good in this: you want to say that SSL use 443 port
Yup.
--
PHP
OTECTED]
Sent: Wednesday, October 27, 2004 3:01 PM
To: php-general
Subject: Re: [PHP] https://...
On Wed, 27 Oct 2004 16:35:14 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
hi,
how can I check using php that I use SSL?
tried with
REQUEST_URI
HTTP_HOST
PATH_INFO
but any of these does show
ober
27, 2004 3:01 PM
To: php-general
Subject: Re: [PHP] https://...
On Wed, 27 Oct 2004 16:35:14 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
hi,
how can I check using php that I use SSL?
tried with
REQUEST_URI
HTTP_HOST
PATH_INFO
but any of these does show http://
phpinfo() describe
that's why I use it, sure.
but can't find anything that helps me.
Greg Donald wrote:
On Wed, 27 Oct 2004 16:35:14 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
hi,
how can I check using php that I use SSL?
tried with
REQUEST_URI
HTTP_HOST
PATH_INFO
but any of these does show http://
phpinfo() des
On Thu, 28 Oct 2004 11:01:53 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
> I am not so good in this: you want to say that SSL use 443 port
Yup.
--
Greg Donald
Zend Certified Engineer
http://gdconsultants.com/
http://destiney.com/
--
PHP General Mailing List (http://www.php.net/)
To uns
Hi Robby,
Yes, I looked at SERVER_PORT/SERVER_PROTOCOL. What I got is 80 and
HTTP/1.1 when I manually change http:// to https:// I'm getting 443 and
HTTP/1.1
I am not so good in this: you want to say that SSL use 443 port
-afan
Robby Russell wrote:
On Wed, 2004-10-27 at 16:35 -0500, Afan Pas
oded
full urls for images, the browser will usually complain if the page is
accessed via https and the image via http.
Warren Vail
-Original Message-
From: Greg Donald [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 27, 2004 3:01 PM
To: php-general
Subject: Re: [PHP] https://...
On Wed, 27
ing https? Another example is, if you have coded
full urls for images, the browser will usually complain if the page is
accessed via https and the image via http.
Warren Vail
-Original Message-
From: Greg Donald [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 27, 2004 3:01 PM
To: php-gen
--
From: Greg Donald [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 27, 2004 3:01 PM
To: php-general
Subject: Re: [PHP] https://...
On Wed, 27 Oct 2004 16:35:14 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
> hi,
> how can I check using php that I use SSL?
> tried with
> REQUEST
On Wed, 27 Oct 2004 16:35:14 -0500, Afan Pasalic <[EMAIL PROTECTED]> wrote:
> hi,
> how can I check using php that I use SSL?
> tried with
> REQUEST_URI
> HTTP_HOST
> PATH_INFO
> but any of these does show http://
phpinfo() describes my SSL stuff pretty well if that's what you mean.
And I also fo
On Wed, 2004-10-27 at 16:35 -0500, Afan Pasalic wrote:
> hi,
> how can I check using php that I use SSL?
> tried with
> REQUEST_URI
> HTTP_HOST
> PATH_INFO
> but any of these does show http://
>
> Thanks!
>
> -afan
>
Have you looked at $_SERVER['SERVER_PORT'] and
$_SERVER['SERVER_PROTOCOL']
?
hi,
how can I check using php that I use SSL?
tried with
REQUEST_URI
HTTP_HOST
PATH_INFO
but any of these does show http://
Thanks!
-afan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
* Thus wrote Michael R. Wayne ([EMAIL PROTECTED]):
> On Fri, Apr 30, 2004 at 08:52:37PM +, Curt Zirzow wrote:
> >
> > session.cookie_path
> > session.cookie_domain
> > session.cookie_secure
>
> session.cookie_path /
> session.cookie_secure Off
> session.cookie_domain no value
>
> But we ne
On Fri, Apr 30, 2004 at 08:52:37PM +, Curt Zirzow wrote:
>
> session.cookie_path
> session.cookie_domain
> session.cookie_secure
session.cookie_path /
session.cookie_secure Off
session.cookie_domain no value
But we never use cookies:
session.use_cookies Off
/\/\ \/\/
--
PHP Ge
* Thus wrote Michael R. Wayne ([EMAIL PROTECTED]):
>
> Upgraded our PHP installation from 4.1.2 to 4.3.4, scripts that
> worked fine before are no longer doing so. The failure can be
> traced to the fact that sessions are never being reused (i.e. a new
> session gets started with each connection)
Upgraded our PHP installation from 4.1.2 to 4.3.4, scripts that
worked fine before are no longer doing so. The failure can be
traced to the fact that sessions are never being reused (i.e. a new
session gets started with each connection). The session files get
written with proper information but
Hello!
I have search for info in this group about this topic and found it but can't
get working my program.
These are the steps I have done:
1º Download and install latest php version (4.3.4)
2º Test that it works (IIS)
3º Change php.ini:
extension_dir = install_dir/extensions/
uncomment
* Thus wrote Rosen ([EMAIL PROTECTED]):
> I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection and 80
> for "normal" - i'll be able to determite if user is in https mode - I think
> thath should be works . ?
There is no guarantee that port 443 == https and 80 == http.
Curt
--
"My
Hi,
Sunday, October 12, 2003, 10:27:21 PM, you wrote:
EL> Unless Apache is configured so that both SSL and non-SSL virtualhosts
EL> to point to the same directory containing said script, or said script is
EL> shared (via PHP include(), require(), etc.) by other PHP scripts in both
EL> SSL and non
On Sun, Oct 12, 2003 at 08:52:30PM +1000, Tom Rogers wrote:
: Sunday, October 12, 2003, 8:46:41 PM, Eugene wrote:
: EL> On Sun, Oct 12, 2003 at 01:24:40PM +0200, Rosen wrote:
: EL> :
: EL> : I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection
: EL> : and 80 for "normal" - i'll be a
Hi,
Sunday, October 12, 2003, 8:46:41 PM, you wrote:
EL> On Sun, Oct 12, 2003 at 01:24:40PM +0200, Rosen wrote:
EL> :
EL> : I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection and 80
EL> : for "normal" - i'll be able to determite if user is in https mode - I think
EL> : thath shou
On Sun, Oct 12, 2003 at 01:24:40PM +0200, Rosen wrote:
:
: I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection and 80
: for "normal" - i'll be able to determite if user is in https mode - I think
: thath should be works . ?
Technically, you can't guarantee that anything running ov
On Sun, Oct 12, 2003 at 01:09:15PM +0200, Rosen wrote:
:
: Is there a way to determite with PHP thath site visitor is in https (SSL)
: mode or in normal mode ?
Check for the existence of $_SERVER['HTTPS'] which gets set only on SSL
pages. I wonder why it's still not mentioned in the official doc
Hi,
Sunday, October 12, 2003, 9:24:40 PM, you wrote:
R> I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection and 80
R> for "normal" - i'll be able to determite if user is in https mode - I think
R> thath should be works . ?
R> Thanks,
R> Rosen
looks like a good start :)
--
reg
I.e. if I use _SERVER["SERVER_PORT"] = 443 - for https connection and 80
for "normal" - i'll be able to determite if user is in https mode - I think
thath should be works . ?
Thanks,
Rosen
"Tom Rogers" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> Sunday, October 12
Hi,
Sunday, October 12, 2003, 9:09:15 PM, you wrote:
R> Hi,
R> Is there a way to determite with PHP thath site visitor is in https (SSL)
R> mode or in normal mode ?
R> Thanks,
R> Rosen
put phpinfo(32); at the top of the page and that should show what is available
with an ssl connection if you m
Hi,
Is there a way to determite with PHP thath site visitor is in https (SSL)
mode or in normal mode ?
Thanks,
Rosen
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
|-Original Message-
|From: PHP List [mailto:[EMAIL PROTECTED]
|Sent: Tuesday, July 15, 2003 1:02 PM
|To: [EMAIL PROTECTED]
|Subject: [PHP] HTTPS POST without user/client intervention
|
|I am writing a php script to accept an HTTPS POST of data from a remote
|site, process the data, and
: [PHP] HTTPS POST without user/client intervention
I am writing a php script to accept an HTTPS POST of data from a remote
site, process the data, and send an HTTPS POST response back (not
necessarily to the same remote site). I can do this pretty easily in
PERL (which I may have to if I can't
--- PHP List <[EMAIL PROTECTED]> wrote:
> > As for sending a POST request to a remote site via SSL, just check
> > out cURL, which also has a convenient PEAR package.
>
> This is what I am trying to do...and thanks for point out cURL...I will
> check it out.
In that case, you should find this hel
On Tue, 2003-07-15 at 15:12, Chris Shiflett wrote:
> --- PHP List <[EMAIL PROTECTED]> wrote:
> > I am writing a php script to accept an HTTPS POST of data from a
> > remote site, process the data, and send an HTTPS POST response back
> > (not necessarily to the same remote site).
>
> Can you perha
--- PHP List <[EMAIL PROTECTED]> wrote:
> I am writing a php script to accept an HTTPS POST of data from a
> remote site, process the data, and send an HTTPS POST response back
> (not necessarily to the same remote site).
Can you perhaps rephrase what you are trying to do? The way I interpret what
I am writing a php script to accept an HTTPS POST of data from a remote
site, process the data, and send an HTTPS POST response back (not
necessarily to the same remote site). I can do this pretty easily in
PERL (which I may have to if I can't find a PHP solution). Also I need
to do the https post
: Thursday, June 19, 2003 9:39 AM
To: Henning Sittler; [EMAIL PROTECTED]
Subject: Re: [PHP] php https file download
> Apache 2.0.40
> PHP 4.2.2
> Linux
>
> I have a single php script for downloading requested files. It works
> beautifully on http over port 80. It does NOT work at all ov
> Apache 2.0.40
> PHP 4.2.2
> Linux
>
> I have a single php script for downloading requested files. It works
> beautifully on http over port 80. It does NOT work at all over https on
> port 443. I am using the exact same script (the very same file) for both
> http and https connections. Apache
Hello everyone,
Apache 2.0.40
PHP 4.2.2
Linux
I have a single php script for downloading requested files. It works
beautifully on http over port 80. It does NOT work at all over https on
port 443. I am using the exact same script (the very same file) for both
http and https connections. Apach
I recently switched my site from a server running PHP 4.0.1 to
a site using 4.2.1. Other than this the servers are identical, running
both the same
versions of redhat linux and apache.
Now however, I can no longer post to forms using HTTPS. It returns a
"Page cannot be displayed" error. Occasi
Hey Folks:
Speaking of identity theft, here's a fun story. Involves a Hollywood
Video store. HV is a large chain of video rental stores.
http://www.nydailynews.com/2002-07-09/News_and_Views/Crime_File/a-156851.asp
--Dan
--
PHP classes that make web design easier
SQL
x27;s online site gets hacked, and you hear
about it because it could be detected.
- Theo
P.S.: Shopping carts 'too boring'?! Of course they're boring!
-Original Message-
From: Richard Lynch [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 08, 2002 4:33 PM
To: [EM
On Mon, 8 Jul 2002, Analysis & Solutions wrote:
> Allow me to emphasize Richard's point about not trusting certificate
> authorities. I have an SSL certificate. It was fairly simple to get,
> despite several discrepancies in my documentation.
>
> While it made things easier for me, which I'm
Folks:
Allow me to emphasize Richard's point about not trusting certificate
authorities. I have an SSL certificate. It was fairly simple to get,
despite several discrepancies in my documentation.
While it made things easier for me, which I'm thankful for. Fortunately,
I'm a legitimate opera
>>>How do you know their certificate hasn't been stolen, and they haven't even
>figured it out yet? How do you know they were trustworthy people in the
>first place?<<
>
>Why do you ASSUME that they're NOT trustworthy people? Do you go through
>your entire life in that shell?
Everybody gets a
On Mon, 8 Jul 2002, Brinkman, Theodore wrote:
> Think about it for a moment. E-commerce involving properly signed sites is,
> at the very least, more secure than handing your credit card to a waiter in
> a restauraunt. The waiter can walk off with your card, and come back 2
> minutes later with
n the name,
cc number and expiration date for later use.
- Theo
-Original Message-
From: B.C. Lance [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 07, 2002 12:37 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] HTTPS vs. HTTP ? - the weakest link
sorry to barge in. but the weakest link
>>How do you know their certificate hasn't been stolen, and they haven't even
figured it out yet? How do you know they were trustworthy people in the
first place?<<
Why do you ASSUME that they're NOT trustworthy people? Do you go through your entire
life in that shell?
>>The more I think abou
Chris Shiflett wrote:
>
> I think I'm going to compile all of my SSL explanations into a more
> clear and informative explanation and post it on the Web somewhere.
Yes please.
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
ðÒÉ×ÅÔ!
This is for Chris and Miguel and all the people who threw in infos.
I just wanted to thank you all :) It's been really useful, and yes
Chris, I guess you should post an explanation of the process somewhere.
Most of us are prepared to use HTTPS but we can hardly explain our
customers (
Miguel Cruz wrote:
>Nobody thinks they're checking whether or not goodguys.com are good guys.
>It is your job as a consumer to research them. Once you have researched
>them and decided to do business with them, the certificate authority gives
>you a pretty solid basis for believing that you ac
Alberto Serra wrote:
>> However, it is adequate to know that one key is used to do the
>> encrypting, while the other is used for the decrypting. These are
>> generally referred to as public and private keys, because one is made
>> available to the public while the other is kept safely stored
On Mon, 8 Jul 2002, Alberto Serra wrote:
> Chris Shiflett wrote:
>> Of course, as users of Web browsers such as Netscape and Internet
>> Explorer, we have to trust AOL/Time Warner and Microsoft, respectively,
>> (yeah, scary thought) to only trust CAs that have high integrity,
>> security, etc.
ðÒÉ×ÅÔ!
>> Chris Shiflett wrote:
> it is very misleading and would indicate that I
> have very little knowledge about PKI systems,
Come on, nobody here would ever think of that. Especially since most of
us (put me as first one in the list) should know much more about PKI
ourselves before jud
Personally, I think the concept of NEEDING https is a bit rediculous.
Generally, trying to get through the front door, would be the same as
trying to get through a concrete wall with a baseball bat...
Now, finding a back door, and getting at THEIR database is the REAL key.
people don't generally
on 08/07/02 10:48 AM, Mark Charette ([EMAIL PROTECTED]) wrote:
> Or, even easier and "no tech", I get a low-paying job in some convenience
> store, and make copies of the credit card receipts.
>
> Game Over.
>
> Using a credit card anywhere involves trust. Period. End of story.
Couldn't agree
I think I'm going to forget trying to explain the technical details,
because somehow this conversation is completely missing the point now. :)
SSL allows you to be sure that your credit card number is getting safely
and securely to the Web site identified by a certain domain name. That's
all i
1 - 100 of 144 matches
Mail list logo