[e-gold-list] RE: NetPay.tv security
Hello, Ian, This (completing forms on a unencrypted page to be sent to a secure URL) seems to be a moderately common problem. If transactions are to be secure, it would be a good idea (and most websites do it this way) to start a secure session to load the page on which the form is completed. Definitely! People need to be able to simply look for the 'lock' icon on their browser to determine if they are on a secure web server before entering confidential data. People should not be expected to look at the code of a form to learn whether their data will be secure if they click the 'submit' button, and they should not ever be expected to submit such data if they are not certain that it will be sent securely. Moreover, they have to be able to *check* the identity of party to which they are submitting *most confidential* data (the one, that will be responsible for its proper handling). Regards. Alexander _ [EMAIL PROTECTED]http://www.indx.ru/eng --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
[e-gold-list] Re: NetPay.tv security
From: Ian Green [EMAIL PROTECTED] People need to be able to simply look for the 'lock' icon on their browser to determine if they are on a secure web server before entering confidential data. Yep. I remember raising this concern about the OLD GoldMoney interface, where they had login forms right on the first page. I would never log in from there because there was no lock icon. I would always click Login first. I asked the Turks about this and they assured me that because the form action was https it was secure. That is of course true, but it is psychologically daunting and who wants to do a View Source and scroll through the html code to see if you're logging into a secure site? Of course, GoldMoney changed their interface so now you never see a login form without also seeing the lock icon. -- Patrick --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
[e-gold-list] RE: NetPay.tv security
On 2 Apr 2002, at 17:35, Alexander Fedotov wrote: Definitely! Moreover, they have to be able to *check* the identity of party to which they are submitting *most confidential* data (the one, that will be responsible for its proper handling). I think there is a bug in NetPay.TV site. If you you click Register instead of Enter, it brings you on a secure form where you complete your details. As well the SSL certificate is valid and clearly identifies the owner. The bug is on their Create Account link on their home.html page. --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.