Got an email that i needed to change my credit card info with EAA. I generally don't use credit cards on 3rd party sites and pay via paypal, but EAA doesn't seem to support this yet.

So, in light of the recent heartbleed openssl bug, i thought i'd check EAA's SSL security.

Good news. Not affected by Heartbleed.
Bad news. Scored an "F" on SSL tests and is "insecure"

https://www.ssllabs.com/ssltest/anal...secure.eaa.org

So, i can update my credit card info on an insecure website or i can call someone and give them my information over the phone (which isn't secure either).

Maybe i'll generate a temp credit card number from bank of america and use that.