HTTPS Question

[craigfreyman at gmail.com (Craig Freyman)]

Is there some security benefit I am not aware of for using https connections
within frames and presenting them over http to the user? This site
http://webcentral.du.edu does such a thing and I don't understand why. If we
spend time training people to look for https and certificate errors, why
would they do this?

When you click on "security information" at the bottom it says:

*Is this Site Secure?*
Yes, webCentral.du.edu <http://webcentral.du.edu/> uses a Security
certificate provided by VeriSign.

*Where is the little key or lock then?*
webCentral uses frames throughout. The login page is actually a frame within
a normal http: page. It is still secure, you just can't see the key or
lock.

Someone please enlighten me.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100512/9d2cc17d/attachment.htm