TruerWords Logo
Google
 
Web www.truerwords.net

Search TruerWords
Welcome
Sign Up  Log On

Topic: First Public Secure Site via TLS

Messages: (8) 1


Author: Seth Dillingham

Date:4/16/2002

Permalink Icon

# 1980

First Public Secure Site via TLS

TAG/Eli is the first public site to be served securely from Frontier via Macrobyte's secure server, TLS.

I'm quite pleased that a site like TAG/Eli is the first. It's not e-commerce, it's about missing children.

TAG/Eli was designed and is hosted by Utopia Net, who co-sponsored the development of TLS (Thanks, Damien!) with another of Macrobyte's clients.

[Top]


Author: Stan Purington

Date:4/16/2002

Permalink Icon

# 1981

Re: First Public Secure Site via TLS

Is TAG/Eli a Manila site? I noticed that when you click on some of the links that look like they might be generated by Manila's glossary feature they use http vs https. When I was trying to use Manila behind IIs I ran into the problem of Manila having http hard coded into so much of it's code that I had to do a final filter on each page that changed links to https

[Top]


Author: Seth Dillingham

Date:4/16/2002

Permalink Icon

# 1982

RE: First Public Secure Site via TLS

On 4/16/02, Stan Purington said:

>Is TAG/Eli a Manila site? I noticed that when you click on some of
>the links that look like they might be generated by Manila's
>glossary feature they use http vs https. When I was trying to use
>Manila behind IIs I ran into the problem of Manila having http
>hard coded into so much of it's code that I had to do a final
>filter on each page that changed links to https

I believe it is, yes. Damien's on this list, I think, so hopefully he'll see this. (I think he knows about the issue with the http links, though.)

Seth

[Top]


Author: Seth Dillingham

Date:4/16/2002

Permalink Icon

# 1986

testing, please ignore

testing, please ignore

[Top]


Author: Robert Black

Date:4/16/2002

Permalink Icon

# 1983

RE: First Public Secure Site via TLS

I'm showing my ignorance here about the protocols used, but why doesn't IE (OS X) show its padlock in the lower left corner, which I, and more importantly every other internet user, have been dogmatically trained to look for? It's such a trivial thing in terms of feedback, but no matter how secure the link, people (my clients) won't believe that they're secure without it.

[Top]


Author: Seth Dillingham

Date:4/16/2002

Permalink Icon

# 1984

RE: First Public Secure Site via TLS

Robert,

The padlock icon is missing because that site's images aren't being served from a secure server. Some browsers will only declare a site "secure" if every asset used by the page (images, stylesheets, and the HTML itself) is served via https

The HTML is being served "securely," but the images are not. (It isn't a limitation of the server.)

Seth

[Top]


Author: Brian Carnell

Date:4/16/2002

Permalink Icon

# 1985

RE: First Public Secure Site via TLS

At 07:30 PM 4/16/2002 -0400, Robert Black wrote:

>I'm showing my ignorance here about the protocols used, but why doesn't IE
>(OS X) show its padlock in the lower left corner, which I, and more
>importantly every other internet user, have been dogmatically trained to
>look for? It's such a trivial thing in terms of feedback, but no matter
>how secure the link, people (my clients) won't believe that they're secure
>without it.

Interesting. If I bring up the site on Mozilla it works fine and I see the
padlock. On IE though, I get a message saying there are nonsecure elements
on the page, do I want to load those? If I click "yes", the page loads fine
but the padlock disappears. If I say "no" the padlock shows up but parts of
the page don't load.


[Top]


Author: Damien Stevens

Date:4/16/2002

Permalink Icon

# 1987

Re: First Public Secure Site via TLS

We are proud to be the first! Excellent work by Seth and his team! Especially since Seth has never even used manila!

Stan - Yes, this is a manila site, but none of the links in the navigation are generated via the glossary.

Robert/Brian - As for the padlock and everthing be SSL, we know about this. We are wrapping up some other things, but by next week we plan to have one of the templates serving everything (HTML and Graphics) directly from Frontier. This way users won't see this error.

The reason we only need one of the templates to do this is that the only thing this site is going to use SSL for is to signup members - which is what the Enrollment templates is for.

BTW - The enrollment is custom programming by John VanDyk. It allows you to register as a parent (manila member) and then add as many children as you have.

I'll post an update this this thread once we have this finished.

[Top]



<- Previous Thread:
Getting Started with XSLT

Next Thread: ->
Wow, That's Confidence

Until August 31
My Amazon sales
benefit the PMC

Homepage Links

Apr 1 - Aug 31
Ad revenue
benefits the PMC


TruerWords
is Seth Dillingham's
personal web site.
Truer words were never spoken.