Previous Discussion	Next Discussion

"Just because yer paranoid..." SSL needed here? My client is a small not-for-profit group, public-education minded. Their small public contact form includes room for a question, plus a space for the asker's email address. They of course wish no untoward use of their own or the asker's email address by "the bad guys". Does this sort of thing merit SSL protection? Started By apfwebs on Apr 13, 2007 at 3:33:44 PM

5 Response(s) | Reply

Earlier Replies | Replies 1 to 5 of 5 | Later Replies

MHenke on Apr 16, 2007 at 12:55:19 AM (# 1) My (personal) opinion: Yes, it does. I'd say that the use of HTTPS (over SSL/TLS) is appropriate wherever any kind of personal data is processed. An email address belongs to that kind of data. It's not only a personal opinion, AFAIK thats backed up by legislation (or at least recommendations) in several countries (well, at least Germany). Plus, it should by no problem tu utilise HTTPS nowadays. apfwebs on Apr 18, 2007 at 11:54:20 AM (# 2) I see, though, that Verisign costs $95 per year. I guess I will look for something rather less expensive... BachusII on Apr 18, 2007 at 2:29:39 PM (# 3) cacert.org brian on Apr 19, 2007 at 12:49:36 AM (# 4) $95 is not really that much but I think you can get 2 years for a little more and I'm sure I saw a company offering 10 years for like $250. I can't think where though. As for cacert - it's fine for testing and development but it's untrusted which makes it basically useless unless they can be added to the trusted list... BachusII on Apr 19, 2007 at 8:55:23 AM (# 5) Which they are working on right now. Mozilla is supposed to add them sometime this year I believe, and they are trying to get it in a M$ update.

Earlier Replies | Replies 1 to 5 of 5 | Later Replies

To respond to a discussion, you must first logon.

If you are not registered, please register yourself to become a member of the SiteExperts.community.