Comment 5 for bug 1372635

We've done some investigation and found that we are using non-HTTPS mode currently to communicate with ECOM. There's an option that allows us to use HTTPS mode. We want to support this for client side validation.

We are still investigating on the server side validation. We'd like to fix it once a solution is found.