• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

confused with a text

 
Ranch Hand
Posts: 3852
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Does following paragraph make sense?


Also, pages that contain forms should be encrypted if the data to be filled in by the user will contain sensitive information. For example, consider a form that requires you to enter your name and credit card number. When the form is submitted it must use encryption to protect the confidential information, but the form itself, even if it does not contain confidential information, should be encrypted as well. This is needed because browsers generally display a lock in their bottom margin when a page has been encrypted. Some users will not enter secure data into a form if they don't see the lock. Note that this lock is irrelevant to whether the form data, the information the user actually wishes to secure, will be encrypted. The lock only signifies that the form has been encrypted. So, despite the lock usually being irrelevant, encryption should be used to ease users' concerns. You can require a page to be encrypted by specifying a transport guarantee of either "INTEGRAL" or "CONFIDENTIAL" (see for details).



It's from following link: http://weblogic.sys-con.com/node/43021

Thanks.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It does to me. Do you have a specific question about it?
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It doesn't make a whole lot of sense to me. I think what the text is trying to say is that if you see the lock, that means that the page you are viewing, which happens to contain an empty form, has been transmitted over SSL. However, the next step is for the user to fill in the data and click on the send button. When you click send, is the filled-in form sent over SSL? The text is suggesting that the user has no way of knowing.

I do not know if this is true or not. I think browsers implement various warnings when something like this might happen.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I think browsers implement various warnings when something like this might happen.


They do, but those warnings are easily turned off (or may not be turned on to begin with). So yes, the lock can be misleading the user to think that a secure transmission is taking place when it's actually not.
 
Yes, my master! Here is the tiny ad you asked for:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic