In article 00c301c21939$c5e8e500$[EMAIL PROTECTED] David Wall wrote:
You could also consider getting a Thawte super cert which has a capability
to allow the 56-bit export version of IE to not be so stupid and connect at
the higher 128-bit when accessing your site.
Could somebody please
wrote:
You could also consider getting a Thawte super cert which has
a capability to allow the 56-bit export version of IE to not be
so stupid and connect at the higher 128-bit when accessing your
site.
Just for the record, Thawte's Super Certs are what VeriSign
calls Secure Site
Hi!
On Fri, Jun 21, 2002 at 03:29:53PM -0400, R. DuFresne wrote:
Are there still export restriction on the 128bit browsers? I
was under the impression those export restrictions had been
lifted a few years back.
Of course most do, but at least here in Germany a lot of banks
still use
I had originally assumed this was to do with a bug in early
implementations of IE5, but since then we have had reports of the same
behaviour in IE6 (which initially comes in 56-bit flavour under win2k
unless patched).
You should read the mod ssl documentation as it describes things like he
PROTECTED] on 21/06/2002 14:31:41
Please respond to [EMAIL PROTECTED]
To:[EMAIL PROTECTED]
cc:
Subject:56-bit/128-bit IE problems
Hi all,
Encryption isn't a strong point for me unfortunately...
We have a website at http://www.mobiles.co.uk, which as part of the
ordering process
Hi!
On Fri, Jun 21, 2002 at 08:39:04AM -0700, David Wall wrote:
You could also consider getting a Thawte super cert which has
a capability to allow the 56-bit export version of IE to not be
so stupid and connect at the higher 128-bit when accessing your
site.
Just for the record, Thawte's
also consider getting a Thawte super cert which has
a capability to allow the 56-bit export version of IE to not be
so stupid and connect at the higher 128-bit when accessing your
site.
Just for the record, Thawte's Super Certs are what VeriSign
calls Secure Site Server Pro (Global) ID
Wall wrote:
You could also consider getting a Thawte super cert which has
a capability to allow the 56-bit export version of IE to not be
so stupid and connect at the higher 128-bit when accessing your
site.
Just for the record, Thawte's Super Certs are what VeriSign
calls Secure Site
Title: (seriously) Let's round up the 56-bit browsers
A little while ago, I asked the question: which versions of which browsers will be adversely affected by
!EXPORT56? In other words, who will get a 40-bit connection when they expected a 56-bit connection? I haven't seen as answer yet
Can you all help me to find pristine, untouched install.exes for obsolete
56-bit versions of NS and IE?
This link has links to archived NS browsers:
http://home.netscape.com/download/archive.html
I avoid IE as much as possible, but I think you may be able to
find old versions of IE
Title: (seriously) Let's round up the 56-bit browsers
I should3 or4 different version of IE
browser at home if you have a URL for testing I can try and give you
feedback.
Cheers,
Guillaume
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Sent: Wednesday
Title: RE: (seriously) Let's round up the 56-bit browsers
John,
Can you elaborate a little? I don't grasp the distinction. We are using a BT Trustwise Global Site ID certificate (chained back to Verisign) which supports 128-bit encryption, but I don't know whether there's a difference
Title: RE: (seriously) Let's round up the 56-bit browsers
-Original Message-
From: Deocs Postmaster [mailto:[EMAIL PROTECTED]]
This link has links to archived NS browsers:
http://home.netscape.com/download/archive.html
Excellent resource, thanks.
I avoid IE as much
Title: (seriously) Let's round up the 56-bit browsers
Guillaume,
Thanks
for the offer. Go to https://maps.blackwell.co.uk/basket/show.dfp
This
is a secure page representing an empty shopping basket.
regards,
Charles
-Original Message-From: Taglang, Guillaume
[mailto:[EMAIL
Title: RE: (seriously) Let's round up the 56-bit browsers
I've just been looking at
the BT Trustwise site (although some of my attempts to connect have been met
with server errors. Not good!). This is what it says in it's FAQ at http://www.ignite.com/application-services/products/verisign
On Wed, Apr 04, 2001 at 10:03:39AM +0100, [EMAIL PROTECTED] wrote:
A little while ago, I asked the question: which versions of which browsers
will be adversely affected by
"!EXPORT56"? In other words, who will get a 40-bit connection when they
expected a 56-bit connection? I ha
There's a FAQ for your problem:
http://www.modssl.org/docs/2.7/ssl_faq.html#ToC48
Which other people have mentioned before. This fixed all
problems with
buggy MSIE 56-bit browsers for me.
Hasn't worked for us. Hasn't been a problem for us, either, though, since
only a few
Have you tried what's in this post as Dan suggested?
http://marc.theaimsgroup.com/?l=apache-modsslm=97430424603650w=2
I'd be curious to know if it helps or not.
I missed that post. I'll give it a shot, but I'll have to track
down a copy
of 56-bit IE, since we've all upgraded.
BTW
works fine with
IE4 and IE5 40-bit or 128-bit. But, when users try to access with IE5 56-bit,
they are presented with a "Server Cannot be Found" error.
My ssl_error log gives me the following message:
SSL requirement expression not fulfilled
Is there a way to let these people
works fine with
IE4 and IE5 40-bit or 128-bit. But, when users try to access with IE5 56-bit,
they are presented with a "Server Cannot be Found" error.
My ssl_error log gives me the following message:
SSL requirement expression not fulfilled
Is there a way to let these people
Is there a way to let these people in without downgrading security? Or,
at least a way to sniff out this version of IE before they get to the
secure pages?
You can use Apache's browsermatch capabilities to detect it before it
happens, and then handle in whatever way you think is appropriate.
David Rees wrote:
Hi,
Just to confirm, we are also seeing the same issues with 56-bit MSIE 5 and
Apache 1.3.12, mod_ssl 2.6.4 and openssl 0.9.5a. As far as I can tell, it
only affects 56-bit MSIE 5. No SSL pages log at all. There are no messages
in the logs. Does anyone know
Server: apache-1.3.12, mod_ssl-2.6.4 (these two compiled from tar.gz),
openssl-0.9.5a (from the distributed RPMs), Linux Red Hat 6.2
Client: Windows 2000 Professional (upgraded from NT Workstation), IE
5.00.2920. 56-bit
Try to recompile openssl-0.9.5a but change ssl/tls1
On Mon, Jul 03, 2000, David Rees wrote:
I found a good workaround to this problem. Instead of changing SSLProtocol
to "all -SSLv2", you can make your SSLCipherSuite line read:
You mean "all -SSLv3", right? AFAIK SSLv3 is the problem, because if SSLv2 is
the problem for IE, we don't have a
On Mon, Jul 03, 2000, David Rees wrote:
I found a good workaround to this problem. Instead of changing SSLProtocol
to "all -SSLv2", you can make your SSLCipherSuite line read:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
Which is the default with the addition
On Tue, Jul 04, 2000 at 09:12:51AM +0200, Ralf S. Engelschall wrote:
On Mon, Jul 03, 2000, David Rees wrote:
I found a good workaround to this problem. Instead of changing SSLProtocol
to "all -SSLv2", you can make your SSLCipherSuite line read:
SSLCipherSuite
Hi,
Just to confirm, we are also seeing the same issues with 56-bit MSIE 5 and
Apache 1.3.12, mod_ssl 2.6.4 and openssl 0.9.5a. As far as I can tell, it
only affects 56-bit MSIE 5. No SSL pages log at all. There are no messages
in the logs. Does anyone know of a workaround which won't affect
om: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of David Rees
Sent: Monday, July 03, 2000 11:56 AM
To: [EMAIL PROTECTED]
Subject: Confirmed: MSIE 5 56-bit does not work with latest
Apache/mod_ssl/openssl
Hi,
Just to confirm, we are also seeing the same issues with 56-bit MSIE 5 and
Apa
To all those people who asked ...
I finally found that patching my MSIE4.01 to handle 128-bit fixed my problems...
Hope this helps,
James.
begin:vcard
n:Lyon;James
tel;pager:24-hour contact via Work number
tel;cell:+44 (7973) 824857
tel;fax:+44 (24) 7670 2501
tel;home:Please use Cellular
Hello,
I have recently installed Apache 1.3.6 with mod-ssl2.2.6. It works fine
in approx 15 mn, but:
I live in France and it is now legal to use strong encryption. So, I
would like to use SSL with 56 bits key encryption.
How can I configure mod-ssl not to use weak 40 bits encryption ?
30 matches
Mail list logo
