"Rob" <nomail@example.com> wrote in message
news:slrni152kg.dg6.nomail@xs8.xs4all.nl...
> Jeff Strickland <crwlrjeff@yahoo.com> wrote:
>> The fact that a site is secure or not is driven by the site, not the
>> browser. The OP asked if he can set his browser to go to a secure site
>> even
>> though he inputs an address to an unsecure site.
>>
>> The answer to that question is no.
>
> YOUR answer to that question is no. But it is not the correct answer.
>
>> But the OP asked if his browser could be directed to AUTOMATICALLY go to
>> the
>> secure servers of a page if there is a secure version of an address where
>> he
>> input the address as HTTP and not HTTPS.
>
> No, that was not the question. The question was this:
>
> Some sites with login should use https but is optional (I guess to save
> CPU
> time).
>
> Is there a way to automatically force IE8 into https whenever I'm on that
> site?
>
> I know firefox has an extension that does this, but since I use both
> browsers, I need IE8 to do this as well.
>
>
>
> Read again. It does not say "automatically force IE8 into https whenever
> I'm on sites like that".
>
> It says: "whenever I'm on that site". Read again. That site.
> That means it is not something that has to detect what the capabilities
> of the site are. The OP already knows that the site can do https. The
> name of the site is fixed. Can be on a list. No need to do any guessing.
Okay, he wants to visit a specific site and force IE8 to secure mode. The
answer is still, no because the login being secure or not is determined by
the server, so forcing IE8 into HTTPS on the _page_ of the site where the
login takes place is not possible because the server does not use a secure
page for the login.
Anybody can set a Favorite to
https://www.website.com, but if website.com
isn't secure, it doesn't matter. And, if it is secure and requires a login,
but the login page isn't secure, then it still doesn't matter. So, the
answer to the question is still, no.
So whether he's asking about a specific site or several specific sites that
he wants to use, the fact that the site is HTTPS is dictated by the site and
any given page on the site may or may not be served up secure; which is what
HTTPS means. The server is driving the bus on the security, or the lack
thereof. Which, is all I said on the very first day.
For the Record
I wrote the user manual for a cryptographic accelerator card, so I'm not
completely unfamiliar with the demands of secure transactions. The
encryption protocols (handshake) are processor intensive, which is why my
company developed the accelerator card. Our card took the protcol process
away from the server and crunched the numbers to spit out the key, and did
it in the perverbial blink of an eye. We understood that the protocol was
processor intensive, and visitors might leave if they had to wait too long
for pages to turn or for transactions to process.