Hey all,

I've always put any forms that collect credit card information behind a secure connection, https, figuring that sending that information from the client browser to the server should be secure, but I'm having convincing a client that it is necessary.

He instead insists that only the call to the credit card processor's server needs to be secure and of course the processor supplies the connection there.

But doesn't also the form need to be secure since you're sending CC information from that form back to the web site's server?

That's what I've always assumed.

I need some opinions on this, and if I'm right I think the client will defer to a few more votes.

Skip Evans
Big Sky Penguin, LLC
503 S Baldwin St, #1
Madison WI 53703
Those of you who believe in
telekinesis, raise my hand.
 -- Kurt Vonnegut

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to