From: David P. D. <dp...@dp...> - 2002-03-17 20:27:00
|
Warnings for the NO LOCK - the page does not "look" secure to the end user, because a full web page will never be loaded with SSL, the only information that will be encrypted is the login and password. This could confuse some end users. And also the only information that is secure is the login & password. Session IDs, cookies, and related data is insecure. Browser warnings - sometimes they can be disabled, some browsers you can load your self-signed certs. The reason why commercial sites don't generate warnings is because they have paid to have their cert signed by a real certificate authority (ca). If you get a CA signed cert with the correct Common Name (CN), then almost every browser will work without warnings. *** Your mileage may vary. Valid at only participating web browsers and servers. *** See information with your web server software for more information on SSL and SSL Certificates and compatibility with browsers. -- ****************************************************************** -- | David P. Discher * (314) 518-3795 * <dp...@dp...> | | <http://dpd.dpdtech.com/> * AOL/MSN: "DavidDPD" * ICQ:4222899 | -- ****************************************************************** -- on 3/17/02 12:44 PM, Jano Lukac at jed...@ya... wrote: > > Hi, > > Neat fix, but the problem is that with certain browsers (i.e., netscape), a > dialog box pops up saying "you are about to be redirected to a connection that > is not secure" blah blah blah, without a check box thingy. How do sites like > yahoo keep this from happening? > ?? on 3/17/02 10:59 AM, Dennis Durling at de...@un... wrote: > Again, thanks! > It works, of course, but I am still wondering about your warnings. > on 3/17/02 12:49 PM, Dennis Durling at de...@un... wrote: > You can easily make your browser not give you that message so I wouldn't > consider it much of a problem. > |