Meaning of Network Transmission warning dialog ?
Yuri Baranov
baranovu at gmail.com
Fri Dec 1 06:42:13 GMT 2006
Hi, development team! I am not a member of the mailing list.
Recently I have used Konqueror browser to send a payment for online
service. I was redirected to a https url with a pretty form containing
the usual fields: card number, cvv, cardholder name, etc.
After filling the fields and clicking submit, I got warning dialog
from the browser (screenshot attached),
After some hesitation, I ventured to press "Send unencrypted" button.
Another web page appeared with the words "payment accepted".
Now I am in a process of long e-mail conversation with a developer of
the online payment system.
The developer postulates, that the data from the form on the payment
site is always posted encrypted, but the http response may come back
unencrypted. This does not break any security, according to him,
because the response contains no sensitive information - only "payment
accepted" or "payment rejected".
I would like to clarify, what does the message of the warning mean
exactly? When may such warining appear? Could it refer to data coming
"back" from server to browser, and if it is the case, how can the user
"cancel" this data send? Initialy, I had the feeling that it is my
data (the data I've filled out, including card number) which is g
coming to the "back"-end server in unencrypted format.
Regards,
Yuri Baranov
PS I had a similar warning while using that site with firefox some
months ago, but I do not remember all the details now. So far, no
third party has tried to misuse my debit card information AFAIK.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot-Network Transmission - Konqueror.png
Type: image/png
Size: 31939 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20061201/09743ef1/attachment.png>
More information about the kfm-devel
mailing list