It probably would make some sense to ask developers to apply for a secure certificate for two-way HTTPS, but.. hey, okay, I'm not flipping out they didn't, either.
No PII was being exposed... no loss, no foul.
156 posted on 10/23/2013 5:39:08 AM PDT by Lazamataz
(Early 2009 to 7/21/2013 - RIP my little girl Cathy. You were the best cat ever. You will be missed.)