As part of a thread on another list, I noticed that Bank of America, who until
recently didn't bother protecting the page where users are expected to enter
their credentials with anything more substantial than a GIF of a padlock, now
finally use HTTPS on their home page, and redirect HTTP to HTTPS (this only
took them, what, about ten years to get right?  Or is it fifteen?  When did
BofA first get a web presence?).  Wachovia now do it too.  And Citibank at
least redirect you to an HTTPS page.  And so does US Bank, after asking for
your ID.

What on earth happened?  Was there a change in banking regulations in the last
few months?


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to