3

Possible Duplicate:
Does an established ssl connection mean a line is really secure

For example, Amazon.com doesn't use HTTPS for the whole site, but only the login page.

I know they are encrypted in some ways but I am not sure how secure are they. The account contains credit card information. Could they pass through any proxy server without problem, given that many so-called free proxy server are created by people with bad intention?

Does HTTPS imply that you message cannot be intercepted? ( With or without using any proxy server )

Community
  • 1
lamwaiman1988
  • 183
  • 2
  • 7
  • Eugene Spafford said a long time ago: >[HTTPS] web servers are the equivalent of heavy armored cars. The problem is, they are being used to transfer rolls of coins and checks written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police. So yes, HTTPS is probably the most secure component involved in dealing with your credit card details. The bad part is that everything else is probably way less secure. – Vitaly Osipov Oct 09 '12 at 03:34

1 Answers1

1

From my experience Amazon encrypts any page that contains confidential information and any page that is used to input confidential information from the user such as credit card information.

The answer to your question as to whether HTTPS protects information from being intercepted by third parties including proxy servers is YES it does.

HTTPS and SSL does this by using public key encryption in various ways to validate the identity of the web server that your are communicating with and to also negotiate a session encryption key that is only know to the sender and receiver.

Here's a link to a YouTube video that does a fairly good job of explaining how both identity validation and session encryption are performed by SSL.

One exception to proxy servers being able to decrypt SSL traffic is a reverse proxy used by a content delivery network such as Akamai. CDNs such as Akamai are trusted partners for the customers they provide service to and are given SSL certificates with private keys signed by trusted Certificate Authorities that enable them to act as the web sites for which they are providing caching and acceleration services to.

HeatfanJohn
  • 320
  • 2
  • 12
  • Would there be any difference if I use a proxy server or not? The text transfer could well be intercepted and be seen even that it is encrypted. – lamwaiman1988 Oct 09 '12 at 03:04
  • A normal proxy server will not be able to decrypt your traffic. They can only pass the data on unchanged. Again, the exception to this is a CDN reverse proxy which has been configured to have an SSL certificate for the web site you are visiting. This is done so that the CDN server that provide caching and other acceleration services. – HeatfanJohn Oct 09 '12 at 03:10