On Monday 29 June 2009, Alan McKinnon wrote: > an OTP from a credit-card fob. It appears that the web page sets this up > right somehow, and it's https:// so I can't sniff it and see what gives.
Yes you can with some tool like webmitm, dsniff or ettercap (or others).
