once more, with feeling.
Matthias Bruestle
mbruestle at masktech.de
Thu Sep 18 10:58:20 EDT 2008
Perry E. Metzger wrote:
> I was shocked that several people posted in response to Peter
> Gutmann's note about Wachovia, asking (I paraphrase):
>
> "What is the problem here? Wachovia's front page is only http
> protected, but the login information is posted with https! Surely this
> is just fine, isn't it?"
We had here in Germany this problem with many banks. Describing the
problem to them did not help. Writing an article for a large German
computer magazine about this problem did help.
E.g. Commerzbank and ING-DiBa now uses https for all web services.
Others like Sparkasses have a login button which leads to the SSL
protected login fields. (These are samples for the current good state.
Don't remember if all these banks had the problem before my article.)
Matthias
--
MaskTech GmbH, Nordostpark 16, 90411 Nuernberg, Germany
Registered: Boerwang, Amtsg. Kempten, HRB 8206
Managing Directors: Matthias Bruestle, Matthias Duensser
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list