Hi.

I am using IIS 6.0 and Server 2003.

I want to know what is the best way to provide a secure login.
I tried to go to the Directory Security tab and create HTTPS
access on the signin folder (containing all login pages) but
now can't access the folder at all (I typed https in the browser).
I then wen through creating certificates on my site but I don't
want it so the user has to submit a certificate for each page
he goes to.

I noticed on ebay they seem to have their own server (or, at
least, Web site, for signin - https://signin.ebay.com). Is
this better than doing something like https://www.domain.com/signin ?
I noticed that companies like YouTube do this.

In short, what is the best way to batten down the hatches? 
Actual steps appreciated.

Thanks.

[ Post a follow-up to this message ]

On May 4, 9:01 am, pbd22 <dush...@gmail.com> wrote:
> Hi.
>
> I am using IIS 6.0 and Server 2003.
>
> I want to know what is the best way to provide a secure login.
> I tried to go to the Directory Security tab and create HTTPS
> access on the signin folder (containing all login pages) but
> now can't access the folder at all (I typed https in the browser).
> I then wen through creating certificates on my site but I don't
> want it so the user has to submit a certificate for each page
> he goes to.
>
> I noticed on ebay they seem to have their own server (or, at
> least, Web site, for signin -https://signin.ebay.com). Is
> this better than doing something likehttps://www.domain.com/signin?
> I noticed that companies like YouTube do this.
>
> In short, what is the best way to batten down the hatches? 
> Actual steps appreciated.
>
> Thanks.

I think the meat of this question is:

What is the advantage of building a Child Domain solely for SSL logins
to my domain?

Thanks!

[ Post a follow-up to this message ]