wraith808: It registers that who is initiating the secure connection is who you think it is. There are multitudes of examples of people doing it wrong or not registering it because of the fact that it costs money to do so.
See
http://en.wikipedia.org/wiki/Transport_Layer_Security Don't read that in a paranoid mood though- it really bursts bubbles when it comes to knowing what the browser actually authenticates. But for general usage, its decently secure.
lowyhong: So it doesn't necessarily mean the site has been hacked into, but it's more like a representation or proof of whoever is behind that particular secure connection that you're about to provide security details to?
Should I be worried that there will be malware downloaded on to my computer too? Sorry I get easily worked up over these things. I'm in a rush too, gotta go out soon, so I haven't read the wiki link yet :(
I'd personally say don't be worried at all. if you have any concerns, then don't enter your payment information, but it's not going to make your computer less safe or anything. All this says is that the site is trying to initiate a secure connection (a good thing), but that the site that is trying to do it is giving a bad certificate (a bad thing).
Apparently in this case the regular cert got replaced by a bad cert- it happens. If you see it anytime in the future, if you're going to give payment information to the site in question, I'd recommend not. If the payment information is going somewhere else (i.e. paypal) that will initiate it's own secure connection, then there's no way that they can get the information from the other secure site (paypal doesn't transmit your payment information to them- just something to let them know you paid).
