What to do about SSL strength
Thiago Macieira
thiago at kde.org
Wed Mar 8 10:41:56 GMT 2006
Tom Albers wrote:
>Op dinsdag 7 maart 2006 22:14, schreef George Staikos:
>> Basically they have "if (bits(cipher) != 128) { error('weak crypto
>> unsupported'); }"
>
>Is it possible to catch that?
>
>if (error == 'weak crypto unsupported') renegotiate(128);
Given the errors we're getting, I think not.
The SSL negotiation succeeds, but the webserver then redirects the browser
to an "weak crypto unsupported" error page via HTTP. So, from KSSL's
point of view, the negotiation succeeded.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
3. Ac seo woruld wearð geborod, swá se Scieppend cwæð "Gewurde Unix" and
wundor fremede and him "Unix" genemned, þæt is se rihtendgesamnung.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20060308/c1eeaff1/attachment.sig>
More information about the kde-core-devel
mailing list