Dear all, we have similar requirement in our application. According to the Servlet Specification 2.3 (SRV.4.7 SSL Attributes, page 36), there should be two values stored in the request when using https: javax.servlet.request.key_size and javax.servlet.request.cipher_suite, but Orion is not storing this values in the request (Note: old versions of those keys, javax.servlet.request.key-size and javax.servlet.request.cipher-suite are also not stored in the request). We think that this is a bug in the Orion. I am not aware of any other possibility to determine the key length, any suggestions will be highly appreciated.
Best Regards, Ivo Rakovac Stephen Davidson wrote: > Greetings. > > I am working with some data that needs to be kept secure. I was > wondering if anyone on this list knew how to force browsers to connect > at 128bit Encryption or better, or, failing that, figure out what > encryption level the browser is using. > > -Steve >