I have spoken with verisign in regards to generating CSR without weak ciphers enabled ( resolution: disable weak ciphers in nessus reports ).
All they could tell me was:
http://www.verisign.com/support/csr/index.html
choosing 40/128 ???
To be more specific, what I'm trying to figure out how to do is disable these weak ciphers that are supposidly enabled by IIS 4.0 CSR genration before they are sent to an authority for signing.
I know that the weak ciphers are a low security risk, but governments and financial institutions don't see it that way.
Feed back is very welcome - Thanks
