> In addition, a large proportion of our customers have little or no > previous IT experience and cannot be expected to apply patches no matter > how trivial it may seem to us!
We had some top-notch technical people spend more than three months, setting up an isolated web/client environment to duplicate customers configurations in order to track down, isolate and see if there was a fix for this intermittent problem. We tested a vast range of both client and server configurations, (including win9x/ME/NT clients to see if there were OS specific DLLs causing the issues), to see if there were any combinations that might improve the situation - as I mentioned, you can improve it by fiddling with the client caching settings - but this is actually harder for clients to do than upgrading IE using a free CD. It also requires that you carefully craft your server cache directives for MSIE 5.00 clients. After three months of investigation, testing and email exchanges with MS support, we concluded that there was no practical solution. We will take our hats off for you if you can find one. We believe that MSIE 5.00/SSL goes into the same bucket as the yeti - no-one's ever seen a real commercial version of the beastie, and we aint gonna $pend more time hunting it. The Bad Thing that will happen, is that your site will appear flaky to your customers. If you can live with that, good and well - otherwise, consider not using SSL for some bits [not an option for us]. You can also minimise the issues with some site redesign - make sure there is only ONE thing per request - no images, external JavaScript or external style-sheets etc, then at least the failure is total, rather than indeterminate, and users can get away with pressing refresh. We operate commercial sites on an ASP basis with high user expectations, so this wasn't an option for us. IHMO 33% of your market isn't really buying stuff reliably elsewhere using SSL and MSIE 5.00 On the 5.01 problems I can offer more hope - we have lots of clients happily using 5.01 with certs and SSL, through proxies and firewalls without issues - this one is grokkable. Apart from the early SSL keepalive, we have had no issues with 5.01. Regards Jeff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]