[f-AA] ### Ebay

[Don Harvie]

Mike,

Yes absolutely it is possible to the use of httpS for secured http or 
web traffic can still be spoofed/faked, but it's a little more 
difficult. In the easier scenarios to be successful it would required 
some inattention on the part of the person browsing to the fake website. 
Ie you would need to acknowledge the encryption certificate was not a 
trusted one or the website address wasn't correct.

Virtually anyone can generate a https certificate. They can then be used 
to encrypt traffic between your pc and the web server which will prevent 
someone from 'eavesdropping' on the information sent between the two 
computers. This is all well & good, but how do you know that the web 
server your PC is who it says it is. To make the https certificates more 
secure you then need to have the certificate digitally signed by a 
trusted 3rd party. There are companies (eg. Verisign) who will sign your 
certificate. When this is done your computer will usually recognise the 
digital signature and trust it.  When your computer is offered a 
certificate that isn't signed it will usually warn you that it cannot 
verify the validity of the certificate and offer you the chance of 
rejecting the certificate or continuing.

HTH,
Don H

Mike Knemeyer wrote:
> Ok I see the "S" but are we not told, do not open any links if you think 
> its spam or someone trying to see who's at the other end.  Also if these 
> guys & gals can do all these things to fool you why not the "s".  The 
> sites (links) with the "s" are secure sites within their sites not 
> letting others to the info just them, who are "Them"  
>  
> I will watch out more for the "s" now along with many other signs.

--
This message has been virus scanned by Clam AntiVirus <http://www.clamav.net/>