If I am on a laptop connected in a public free WiFi and I type in my credit card number to buy something on Amazon (which has SSL), when and where is this SSL encryption being performed. Is the browser doing the encryption of my credit card number? Is it encrypted on my laptop prior to my laptop sending it out through the air to the first access point? Or is it encrypted later at the server?
I just want to know how secure it is to buy things on Amazon when using free public WiFi?
According to this the encryption is done in the Application Layer of the OSI Model.