And on the topic I would say that it probably is overkill but a lot of times peoples perception of security makes them happy. I think it is a far more worst security risk that someone just downloads the thing and sells it then for someone to sniff the packets to get a couple of addresses and phone numbers.
It's like here in nashville there was a breakin at the election commission and laptops were stolen with all the voter roles on them... which meant SS numbers etc. People freaked out and the city ended up having to pay for credit monitoring services and send out 2 mailed letters to everyone registered to vote in Davidson County. Probably not cheap at all. Come to find out the laptops were stolen by a homeless guy along with a space heater and a radio. They recovered the laptops only to discover they weren't even turned on! In the end give the client what they want and if they are willing to pay a little bit more for a sense of security have at it. J.J. On 1/24/08, J.J. Merrick <[EMAIL PROTECTED]> wrote: > yeah, it really isn't bad. Depending on the host they might have a > shared SSL cert you can use. Essentially they just map your site as a > folder underneath a larger site. > > In the end it is like $20 for a low-end cert that will get you the > encryption you want/need and a couple of bucks for a static IP a > month from their webhost. > > J.J. > > On 1/24/08, Rick Faircloth <[EMAIL PROTECTED]> wrote: > > What's the total cost, typically? > > > > Cost of the SSL Cert, plus a dedicated IP (required, correct?), > > plus whatever other charges an ISP may charge? > > > > Rick > > > > > -----Original Message----- > > > From: James Holmes [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, January 24, 2008 1:02 AM > > > To: CF-Talk > > > Subject: Re: OT: SSL Necessary? Important? > > > > > > On Jan 24, 2008 11:38 AM, Claude Schneegans <[EMAIL PROTECTED]> wrote: > > > > >>Is the SSL encryption overkill for something like this? > > > > > > > > IMHO yes. > > > > Unless they are willing to pay for more protection, because it is not > > > > free. > > > > > > Unless they use OpenSSL and self-sign, which is free. Of course users > > > may not desire the warning about an untrusted cert, so it's not > > > perfect. > > > > > > -- > > > mxAjax / CFAjax docs and other useful articles: > > > http://www.bifrost.com.au/blog/ > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297292 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
