[clue] security question

Philipp Giddings webmaster at continentalbook.com
Mon Mar 26 16:01:29 MDT 2012 

go to this page
https://secure.kimbia.com/secure/F276DAN9GW
same form with https calls not obscured


On 3/26/2012 10:33 AM, Dan Kulinski wrote:
> At this point either email their webmaster and mention your findings 
> or call them up to register and see if they have an alternative form 
> of payment.
>
> Dan
>
> On Mon, Mar 26, 2012 at 10:32 AM, Mike Bean <beandaemon at gmail.com 
> <mailto:beandaemon at gmail.com>> wrote:
>
>     That's it, the browser thinks it's not secure, or more
>     importantly, lastpass thinks it is (not secure).   And the browser
>     resolves as runforyourlives.com <http://runforyourlives.com>, not
>     https.  that's what's making me nervous!
>
>     Bean
>
>
>     On Mon, Mar 26, 2012 at 10:29 AM, Dan Kulinski
>     <daniel at kulinski.net <mailto:daniel at kulinski.net>> wrote:
>
>         What part are you worried about?  Did you check their
>         certificate?  Your browser will warn you if you submit a form
>         over a non-secure channel from an HTTPS page.  You can check
>         the form and make sure it isn't submitting to a non-secure
>         page (if it is an absolute path that begins with http:// that
>         is bad).
>
>         Dan
>
>         On Mon, Mar 26, 2012 at 10:25 AM, Mike Bean
>         <beandaemon at gmail.com <mailto:beandaemon at gmail.com>> wrote:
>
>             Briefly, I want to register for the denver run of
>             http://runforyourlives.com/ , but I can't just take their
>             word for it that their site is secure just because it has
>             a footnote at the bottom that says, "this site is
>             secure".    Well, if that were true, wouldn't it show up
>             with the browser lock icon or https:, in the URL?   Is it
>             possible it's just a @#$@#$@#$ implementation of SSL?   Is
>             there another way which I am not aware of to do the
>             needful on a site security before rendering a credit card
>             number onto them?
>
>             Bean
>
>             _______________________________________________
>             clue mailing list: clue at cluedenver.org
>             <mailto:clue at cluedenver.org>
>             For information, account preferences, or to unsubscribe see:
>             http://cluedenver.org/mailman/listinfo/clue
>
>
>
>         _______________________________________________
>         clue mailing list: clue at cluedenver.org
>         <mailto:clue at cluedenver.org>
>         For information, account preferences, or to unsubscribe see:
>         http://cluedenver.org/mailman/listinfo/clue
>
>
>
>     _______________________________________________
>     clue mailing list: clue at cluedenver.org <mailto:clue at cluedenver.org>
>     For information, account preferences, or to unsubscribe see:
>     http://cluedenver.org/mailman/listinfo/clue
>
>
>
>
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20120326/aafdafae/attachment.html

More information about the clue mailing list