[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Where does the encryption happen with SSL?

Posted on 2000-03-06
2
Medium Priority
?
232 Views
Last Modified: 2013-12-25
A question about SSL...

When is the information that is sent by https actually encrypted?  If you request https://www.ordersomethingonline.com/ and it's an order form asking for your credit card number and it's sent to http://www.ordersomethingonline.com/cgi-bin/process.cgi (notice the http instead of https on the cgi call) does that mean:

a. The original form is encrypted when it's sent to the user before he fills it out but then what he actually fills out on the form is NOT encrypted when it's sent to the cgi script

or...

b. The content the user types into the form is encrypted when it's sent to the cgi script, but whatever the cgi script echoes back as confirmation is NOT encrypted?
0
Comment
Question by:rmacmich
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Accepted Solution

by:
jhurst earned 300 total points
ID: 2589599
The browser encrypts and dcrypts data just before sending it when the connection is https, and DOES NOT for HTTP.  So, if the submission of the form is to a http-site - your credit card information is being sent in clear text format.

Realistically there is little risk of someone seeing it.  I think the risk is much less than some wait-person making an extra copy of your credit card in a restuarant etc.  

If you note all of the breaches so far have not been in the transmission of the information but of the information when it arrived and was stored at the server site.  https does not solve this problem.
0
 

Author Comment

by:rmacmich
ID: 2591628
Jhurst -- thanks.  I appreciate your answer and agree with you on both points you made.  :)

Have a good one.

0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
Batch, VBS, and scripts in general are incredibly useful for repetitive tasks.  Some tasks can take a while to complete and it can be annoying to check back only to discover that your script finished 5 minutes ago.  Some scripts may complete nearly …
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question