Can one's post request data be sniffed?

Question

I apologize, I am new to this and assume that I will mix some terms up.

I am trying to setup Google clientLogin and I am worried about sending my private information

Answer 1

Generally speaking, everything over https is secure. Only standout exception I can think of (other than a compromised client/server) is making an SSL connection while using a shared (think internet cafe) network. While its rare, the nature of ssl connections makes it vulnerable to these types of attacks albeit, it doesn' make it 'script kiddie' easy-- just possible. [This is why many online banks will always do your mobile banking over 3/4g data and not wifi].

An invalid certificate should make you suspicious, but is not a defacto "this connection is secure" badge. Certs only verify that the server you are contacting is run by the people identified on the cert and technically isn't required to establish a secure connection.