On Tue, Jan 8, 2013 at 3:59 PM, Thor Lancelot Simon <[email protected]> wrote: > What do you do if even they don't know? Today I tried to help someone > who was mid-transaction on Amex's cardholder web site, associating a > new card with their account, when the next step of their process hopped > us over to https://www203.americanexpress.com. I used to use Internet Explorer's Trusted Zones. The Internet was low, while I made exceptions for Trusted sites such as <mybank>.com, nist.gov, etc.
It was nearly impossible to use an organization's site because of of the cross domain crap that was going on. > https://www203.americanexpress.com That's not too egregious (though its bad). What frustrates me is when they send you to a different domain for the authentication or a transaction. I won't add sites to the trusted base just because a web master thought it was a good idea. Jeff _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
