if you can imagine, the ssl connection is made upon calling the page you refer to, such that, if you had your action page called loginAction.cfm and you referenced that in an action="https://foo.com/loginAction.cfm"; thats where you would want the ssl indication, since on that pass you are sending the data that is critical.
make sense? tony -----Original Message----- From: Andy Ousterhout [mailto:[EMAIL PROTECTED] Sent: Saturday, February 22, 2003 8:36 AM To: CF-Talk Subject: HTTPS For proper security, should your login screen be called using HTTPS as well as the action screen or just the login action screen? http://www.domain.com/login.cfm Or https://www.domain.com/login.cfm Andy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
