Page is a not externally linkable
DamonHD - 11:14 pm on Jun 8, 2008 (gmt 0)
SSL only really works if either or both of the following is true: 1) The customer has a unique certificate in their browser and the bank (or whatever) trusted site can check for that unique client cert. 2) The user checks that the SSL certificate of the site they are at matches the address bar. If neither is true than all SSL gives you is a nice secure link to an imposter who relays your traffic to the end site, observing and altering at will. Usually, neither is true, and thus SSL is not necessarily doing what you hope. Rgds Damon [edited by: DamonHD at 11:15 pm (utc) on June 8, 2008]
Google for "Man in the Middle" attack.