Sourceforge has a bit on this, too. Basically, they have a checkbox that lets you drop out of SSL after you login, so your username and password aren't sent over the wire in plaintext. However, after that, everything is plaintext, no SSL at all. Useful if you want to keep your password safe during transmission, but it sucks that everything can't be encrypted.
I haven't had any problems yet myself, but I've included that option in the stuff I work on just in case. I'm using apache 1.3.22, PHP 4.1.1 and mod_ssl 1.3.22. Seems to work so far, at least. (Although getting Konqueror to work it under KDE 2.2.2 is another story...) J Michael Kimsal wrote: > Wm wrote: > > > We've worked with this several times - it's an issue with IE under > Windows. The claim is that it only affect 'high security' (SGP or > something) but my own experience is that it's always affected. IE > just won't work right with SSL if the web server isn't IIS. You pretty > much have no choice but to live with it or move to IIS as a server > platform. > > > Michael Kimsal > http://www.tapinternet.com/php > 734-480-9961 > aim:mgkimsal -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
