On Fri, Jan 05, 2001 at 01:32:43AM -0600, Austad, Jay wrote: > View the source of the page. If the form submit's the data to an https:// > url, then you should be able to consider it secure. Many sites outsource > their card processing, and some card processors will accept data from a POST > operation to their site from the customers web page. > > Go over the HTML carefully though to be sure. A side note on this: I've encountered one site which had this backwards: They swore up and down that their credit card info page was "certified 100% as secure as it gets", and it was - the page was served via https. But the submit button was an http link. Fortunately, Netscape caught this and warned me about it. (But, of course, when I told them about it, they told me I didn't know what I was talking about, repeated their litany about how secure the form is, and, ultimately, did nothing about it.) So cravat empty and all that stuff. -- SGI products are used to create the 'Bugs' that entertain us in theatres and at home. - SGI job posting Geek Code 3.1: GCS d? s+: a- C++ UL++$ P++>+++ L+++>++++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r y+