On 05/29/2011 11:42 AM, Dazed_75 wrote:
> He wrote me back and said that had I clicked the button, the
> information would have been sent securely and that he was trying to
> minimize his bandwidth costs since he was a small company.
The web browser is correct, if the submission form is not secure, how do
you know you're sending it to the right person? SSL doesn't just verify
your connection can't be eavesdropped on, it's an authentication
mechanism too. With a man-in-the-middle attack, the destination could be
changed to also be sent to some third party.
Austin Wright.
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)