After I upgraded Mozilla from 1.2.1 to 1.3, I tried accessing https://home.da-us.citibank.com/signin/indexkiosk.htm with Mozilla 1.3 but the site returned an error page stating: To use Direct Access, you need a browser that supports strong encryption (128-bit)
I believe the silly webmaster forgot to future-proof his web browser
checking cgi script as 1.3 does infact support 128bit keys.
They might be guilty. But I still don't understand why Mozilla 1.2.1 had no problem with their site. Do they simply check the browser name and versions against their hard-coded list, rather than checking the encription strenth through a dedicated API?
-kuro
