I'd have to agree, if they cant type "s" then they shouldnt have access.... HOWEVER: People are sheep. (sorry, but its true) and if you put a redirect in youre sure to have less customer service issues and thats mantime you shouldnt need to spend.
Just MY thoughts. :) ==================================== "It is said that if you line up all the cars in the world end to end, someone would be stupid enough to try and pass them." ==================================== ----- Original Message ----- From: "NickM" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 22, 2002 3:40 PM Subject: Re: Why https vs http > KISS - The user should not be made to think, if the data is secure data then > the user should be protected. Most users wont even know much about ssl or even > the use of https in the url. In the case where a decision is to be made, for > example if you are offering email and they can choose to have it secure or not > then a setting or link to switch between should be supplied. > > To say the client would be at fault is basically as ignorant a > programmer/administrator as can be, again the user should not be the one to > think, if the design of the site is not transparent then its not fluid and not > easy. Im sure a bit of Usability would shut them up, but thats not always an > option. > > As far as not being given the chance - this depends entirely on what the data > is and what the customer base is. Will they possibly be using incompatible > browsers? Is the data really so sensitive? Should it be up to the user being > that its their data (or up to your company if its yours)? Will the user be > happy about the loss of performance? Is the data so sensitive, even though its > the customers, that they should be protected no matter what (credit cards, > addresses etc)? > > My thoughts, Nick > > > > Quoting [EMAIL PROTECTED]: > > > Hello, > > > > Im looking for anyones thoughts on why it is not a good Idea to have > > an https site be able to convert to an http site. I am having many > > disscusions with co-workers that feel the client would be at fault if > > they type in the http link instead of using the https link that is > > provided?? > > > > I feel that the customer should not even have the chance to enter > > http and be able to log in. My response to my team is "It's our job > > (web team) not to even let them have access to the http link, it > > should redirect or give error." What do you people have to add to > > this????? > > > > Thanks, > > Ron > > > > > > -- > > Pop3Now Personal, Get quick remote access to your email accounts! > > Sign Up Now! Visit http://www.pop3now.com/personal > > > > ______________________________________________________________________ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
