What to do about SSL strength
John Tapsell
johnflux at gmail.com
Wed Mar 8 12:42:49 GMT 2006
Am I right in assuming that IE currently uses 128bit only and doesn't
support 168bit? But probably the vista IE coders are having the same
problem at the moment?
What does mozilla do? Stick to 128bit only?
On 3/8/06, Thiago Macieira <thiago at kde.org> wrote:
> Tom Albers wrote:
> >Op dinsdag 7 maart 2006 22:14, schreef George Staikos:
> >> Basically they have "if (bits(cipher) != 128) { error('weak crypto
> >> unsupported'); }"
> >
> >Is it possible to catch that?
> >
> >if (error == 'weak crypto unsupported') renegotiate(128);
>
> Given the errors we're getting, I think not.
>
> The SSL negotiation succeeds, but the webserver then redirects the browser
> to an "weak crypto unsupported" error page via HTTP. So, from KSSL's
> point of view, the negotiation succeeded.
>
> --
> Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
> PGP/GPG: 0x6EF45358; fingerprint:
> E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
>
> 3. Ac seo woruld wearð geborod, swá se Scieppend cwæð "Gewurde Unix" and
> wundor fremede and him "Unix" genemned, þæt is se rihtendgesamnung.
>
>
>
More information about the kde-core-devel
mailing list