Peter wrote:

> Just wait untl AJAX starts being ubiquitous. You haven't seen phishing 
> yet. So far, you have been able to read URLs and judge for yourself. 
> With AJAX, you can forget about that option.

This is actually an old technique, in some ways. There are already many
sites where buttons are not standard form submit buttons or links are not
normal HTML links. And there are many sites that have lots of embedded
frames, including "secure" sites that have non-secure parts embedded and
vice versa. A really bad thing... makes control over what's secure and what
not very difficult.

OTOH, I don't think that secure sites will start using Ajax techniques
extensively any time soon, because anything they do on the client side is
by definition wide open to hacking. That's the main reason why you probably
won't see much client-side processing in secure sites.

Gerhard

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist