Ben Bucksch wrote:
> Xplo Eristotle wrote:
>> Will Mozilla
>> inform me that the server I'm trying to connect to uses only weak crypto
>> and that I need to turn the weak crypto back on?
>
>
> Somebody else can answer that?
>
>> How difficult would it be to have an
>> error dialog that gives the user the option or temporarily re-enabling
>> the weak crypto without having to go into the preferences and change
>> them?
>
>
> Good suggestion.
In recent builds, there is a pref which basically says "Warn me
before entering weak crypto sites" (this includes SSL/IMAP and
SSL/SMTP). I belive that it's on by default. (If not, please file a
bug!) So the client will warn you, but let you pass if you click OK.
You can turn that pref off if you want.
Please try it out. I do need help finding weak crypto sites. If you
find any on the Internet, please feel free to post them here for others
to test:
http://bugzilla.mozilla.org/show_bug.cgi?id=76163
-Bob
--
Bob Lord
Director, Security Engineering
Netscape Communications Corp.
http://www.mozilla.org/projects/security/pki/
http://people.netscape.com/lord/jobs
