Re: Doing https properly

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Austin William Wright
Date:  
To: Main PLUG discussion list
Subject: Re: Doing https properly
On 05/29/2011 11:42 AM, Dazed_75 wrote:
> He wrote me back and said that had I clicked the button, the
> information would have been sent securely and that he was trying to
> minimize his bandwidth costs since he was a small company.

The web browser is correct, if the submission form is not secure, how do
you know you're sending it to the right person? SSL doesn't just verify
your connection can't be eavesdropped on, it's an authentication
mechanism too. With a man-in-the-middle attack, the destination could be
changed to also be sent to some third party.

Austin Wright.
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss