Hi,
Does following paragraph make sense?
Also, pages that contain forms should be encrypted if the data to be filled in by the user will contain sensitive information. For example, consider a form that requires you to enter your name and credit card number. When the form is submitted it must use encryption to protect the confidential information, but the form itself, even if it does not contain confidential information, should be encrypted as well. This is needed because browsers generally display a lock in their bottom margin when a page has been encrypted. Some users will not enter secure data into a form if they don't see the lock. Note that this lock is irrelevant to whether the form data, the information the user actually wishes to secure, will be encrypted. The lock only signifies that the form has been encrypted. So, despite the lock usually being irrelevant, encryption should be used to ease users' concerns. You can require a page to be encrypted by specifying a transport guarantee of either "INTEGRAL" or "CONFIDENTIAL" (see for details).
It's from following link:
http://weblogic.sys-con.com/node/43021
Thanks.