Lucky Green <shamrockat_private> writes: > Sure, a server can be specifically configured to not allow access by 40 bit > browsers, but the overwhelming majority of 128 bit capable websites support > both 128 and 40 bit crypto and will automatically use the highest strength > supported by the browser. No incompatibility issues are introduced by > enabling full-strength crypto. In my experience with Netscape and apache-SSL the lowest strength cipher (apart from no cipher at all) is used. Unless you disable the weaker ciphers in Netscape, netscape tries them first and will connect if the server allows them. Of course this doesn't invalidate your statement that there is no problem with enabling full-strength crypto, but it does mean there is also little to gain by doing so. Simon -- ----------------------------------------------------------------------- | Simon Liddington | | | E-Mail : sjl96vat_private | Tel (work) : +44 (0)1703 592422 | -----------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:47:29 PDT