Perry E. Metzger wrote: > I was shocked that several people posted in response to Peter > Gutmann's note about Wachovia, asking (I paraphrase): > > "What is the problem here? Wachovia's front page is only http > protected, but the login information is posted with https! Surely this > is just fine, isn't it?"
We had here in Germany this problem with many banks. Describing the problem to them did not help. Writing an article for a large German computer magazine about this problem did help. E.g. Commerzbank and ING-DiBa now uses https for all web services. Others like Sparkasses have a login button which leads to the SSL protected login fields. (These are samples for the current good state. Don't remember if all these banks had the problem before my article.) Matthias -- MaskTech GmbH, Nordostpark 16, 90411 Nuernberg, Germany Registered: Boerwang, Amtsg. Kempten, HRB 8206 Managing Directors: Matthias Bruestle, Matthias Duensser --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
