The form screen should be https so that it can post the form information securely.
----- Original Message ----- From: "Andy Ousterhout" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Saturday, February 22, 2003 9:15 AM Subject: RE: HTTPS > Trying to reconcile the two responses, when and where is the encryption > performed? For example if the logon screen is HTTP, now does the client > know the key to use for HTTPS encryption? Or, does the form screen need to > also be HTTPS so that it can encrypt the results. > > Andy > > -----Original Message----- > From: Bruce Sorge [mailto:[EMAIL PROTECTED] > Sent: Saturday, February 22, 2003 7:43 AM > To: CF-Talk > Subject: Re: HTTPS > > > The login screen. If you are using just HTTP, you are transmitting > information in the clear. If you are using HTTPS, then you are already in > the secure environment and the transmission is encrypted. > ----- Original Message ----- > From: "Andy Ousterhout" <[EMAIL PROTECTED]> > To: "CF-Talk" <[EMAIL PROTECTED]> > Sent: Saturday, February 22, 2003 7:36 AM > Subject: HTTPS > > > > For proper security, should your login screen be called using HTTPS as > well as > > the action screen or just the login action screen? > > > > http://www.domain.com/login.cfm > > > > Or > > > > https://www.domain.com/login.cfm > > > > Andy > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
