Vulnerability Development mailing list archives

Re: Remembering Passwords in IE


From: 11a () GMX NET (Bluefish)
Date: Wed, 5 Apr 2000 14:07:45 +0200


LOL! Is this really true? (I haven't experimented much in this field).
If it is, what else can you do than have a laugh at commercial "security"?
It would seem that lack of warnings in IE totally renders the use of https
(to protect against fraudulent systems) to a complete waste of time?

Could you please send more details? Using a somewhat new version of IE, I
get the following warnings when trying to access a "snakeoil-certified"
server: 1. issued by a company you don't trust, 2. name of the site does
not match name of certificate. It would be possible to avoid these problems
you mean, and still use the https protocol? If so, how?

Of course, you could always move the https parts to http. Unless
the entire site is normally available only via https, the average user is
not likely to note the difference...

Unfortunately https doesn't help any either, because IE doesn't
rigorously enforce that a site and its certificate match.

Netscape at least prompts you, but gives you a checkbox for
"don't ask this again"....doh!

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

