On 10/14/06, Dick Hardt <dick at sxip.com> wrote: > Also note that URL parameters are not secured by TLS in HTTPS. > > -- Dick URL parameters are sent with the path in the GET line of the HTTP request after the TLS handshake, so URL parameters ARE secured. -- Grant Monroe JanRain, Inc.