"Rob" <firstname.lastname@example.org> wrote in message
> Jeff Strickland <email@example.com> wrote:
>> "james" <firstname.lastname@example.org> wrote in message
>>> Some sites with login should use https but is optional (I guess to save
>>> CPU time).
>>> Is there a way to automatically force IE8 into https whenever I'm on
>>> I know firefox has an extension that does this, but since I use both
>>> browsers, I need IE8 to do this as well.
>> HTTPS is controlled by the server you are visiting, not the machine that
>> are using.
> This is of course incorrect. The use of HTTPS is determined by the URL,
> hence by the user.
> When you want some extension that (for certain sites) allows a
> https://sitename URL and not the http://sitename URL, you may be able
> to avoind insecure connections to sites that offer both options.
But the secure or insecure -- unsecure -- sites are dictated by the site,
not the address one uses. Just because I go to https://website.com
mean I will go to a secure site if it is not available. That is, if the
server at the address I input is not secured, it does not matter that I
typed in a secure address.
The vast majority of people that get to secure sites get there through a
re-direct of some sort. For example, you are at Amazon.com and have selected
a couple of books and want to check out. When you click on Checkout, you are
redirected to a secure Amazon site where your information is encrypted so
your credit card is not revealed to hackers and other scoundrels.
Why else would a site go secure? Surely they would not secure the pages of
inventory they offer for sale, or the news articles they want you to read.