Removing support for anything other than 128-bit connections is another option. The two concerns that come to mind are the error message that the user sees and whether or not I can lock down specific directories, as opposed to the entire site. The last time I tested removing support for 56-bit SSL, the user got a browser-generated error, as opposed to my custom error page. It was like the user was prevented from establishing any connection to the server, instead of connecting but being shown a friendly error message.
Thank you, Mike Chabot On 9/13/05, Barney Boisvert <[EMAIL PROTECTED]> wrote: > How about just not allowing non-128-bit SSL connections? That's a > snap with Apache, just edit the directive that specifies the > encryption types to allow to only include the ones you want. > > cheers, > barneyb ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:218057 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54