SSL Question
 

I think I already know the answer to this, but just double checking...

Say I went to https://blah.com/page.html...

You'd be able to see that I'm connected to blah.com, obviously the content itself is encrypted, but would you be able to tell that I'm viewing page.html?

(I'm assuming no, but ya never know..)

in IE there is a small lock that apears locked in the lower right corner of the window. in firefox its the same location but it list the webpage that the key was issued to.

check https://www.wellsfargo.com/

... actually your question was actually much more complicated then I thought. Sorry my response is kind of worthless to you.

I BELIEVE that the GET or POST request occurs inside the envelope of the encrypted communication. There's an initial HELO against the server that initiates encryption negotiations, and then continuing encrypted data against that address, but the details of your requests should be encrypted.

See http://www.xramp.com/resources/how-ssl-works.

You can always use a packet sniffer such as Network Chemistry's Packetyzer, to see exactly what happens when you try to connect to an HTTPS site. That will tell you for sure - look in the data portion of the packet - if you can't read your HTTPS packets, then it is encrypted.

No, the page within the site is encrypted as well. HTTPS opens up an SSL connection first, then uses HTTP protocol inside SSL, so someone running a sniffer can only see that you're connected via SSL to the HTTPS port on blah.com. I am a network engineer :) Technicaly, you could be running anything over the HTTPS port, and the only indication that it's not HTTP is the times and amounts of data transfered.