> ----- Original Message ----- > From: "Torvald Baade Bringsvor" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 29, 2003 11:21 AM > Subject: RE: Problems with old MSIE 5.0
> I dont think theese browsers are supported, no. However, quite a few clients > are using them still and our customers does not accept us tossing our hands > in the air and saying that we dont support all browsers. It has worked in > the past, and therefore it is our problem that theese browsers are indeed > broken. We have had a similar problem with 56 bit browsers before, and had a > lot of problems convincing our customers that the browsers are broken. MSIE 5.0 was only available from Microsoft for a very short period - because there were so many SECURITY issues with 5.0, MS very quickly released MSIE 5.01 - at the same time, they [mostly] fixed the broken SSL implementation. These versions had significant security issues, AND very buggy SSL: 5.00.2014.0216 Internet Explorer 5 5.00.2314.1003 Internet Explorer 5 Office 2000 5.00.2614.3500 Internet Explorer 5 Windows 98 Second Edition 5.00.2516.1900 Internet Explorer 5 Windows 2000 Beta 3 5.00.2919.800 Internet Explorer 5 Windows 2000 RC1 5.00.2919.3800 Internet Explorer 5 Windows 2000 RC2 I note that you say you are using the Win98/2 version? Unusual in the corporate environment. The first version that works reasonably reliably with SSL is 5.00.2919.6307 which is actually IE 5.01 If your customers are still using MSIE 5.0 then you have a security obligation to 'toss your hands in the air' and get them to move as soon as possible. If you are aware of the issues [ and you are now 8-) ] and you don't inform them, do you become liable? Your requirement to use SSL seems to indicate that security might be important to your customers. I work for an ASP that provides dynamic sites and services for banks - we did have a bank using 5.0 attempt to use our services. When we waved the security banner, the users PCs were upgraded to a later version of IE within two weeks. In the meantime, they used Netscape. If you managed to get IE5.0 working RELIABLY with SSL in the past, then you are the first person I have ever met who makes that claim. A posting of the httpd.conf settings that work would be valuable. The most obvious solution to your problem is to roll-back to the working version / configuration. Regards Jeff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
