Re: Browser security type

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 31866
interpreted = N
texte = Thanks for your reply John. I should have given more details. I'm using WebStar 4.2/WebCat 3.08 on Mac OS 9.04. What you're saying is true if you set your encryption options in WebStar for your 128 bit certificate to communicate at all levels of encryption. We use 56 bit certificates for most secure areas on the server, but for this application our client requires us to use 128 bit, so we set our encryption options to communicate at only 128 bit for this certificate. Anyone using a standard browser will get an error about the encryption algorithms. My goal here was to give the users a little knowledge about this and their browser type before they receive the error and start emailing the client saying that the site doesn't work (as you know, the general web surfing public usually doesn't understand how SSL works and most won't figure out this error on their own). I saw a site once use a cgi application for browser security compatibility, but I can't find anything anywhere.Again, thank you for your reply!-RWJohn Peacock wrote:> I don't understand what you are asking for; when a browser negotiates > with a server, they find the highest level of security they can agree > upon. In other words, if you are using an US export version of > Netscape, and the server has a 128 bit server cert (not a Super Cert), > the server will communicate with the browser using only 56 bits. The > export restrictions are going away now anyway; O'Reilly already has a > 128 bit international version of WebSite available for download. And > if you are really concerned, you can get a Super Cert, which will > upgrade the client on the fly to support 128 bits. > > John Peacock > > Robert Wade wrote: > > > > Been to the archives and no luck... > > > > Does anyone know of a way (preferrably WebCatalog, but open to other > > options) for a visitor to a site to test their browser to see if it is > > 128 bit? > > > > I've got several areas of a site that are 128 bit, and I want users to > > be able to click a test your browser link or button and get a response > > back on their security type, before they attempt to enter these areas. > > > > Thank You, > > > > Robert Wade > > CABIN6 Design > > > > |[ //\ ||} || ||\| V| > > > > robert@cabin6.com > > > > ------------------------------------------------------------- > > This message is sent to you because you are subscribed to > > the mailing list . > > To unsubscribe, E-mail to: > > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Browser security type (Robert Wade 2000)
  2. Re: Browser security type (John Peacock 2000)
  3. Re: Browser security type (Robert Wade 2000)
  4. Re: Browser security type (John Peacock 2000)
  5. Browser security type (Robert Wade 2000)
Thanks for your reply John. I should have given more details. I'm using WebStar 4.2/WebCat 3.08 on Mac OS 9.04. What you're saying is true if you set your encryption options in WebStar for your 128 bit certificate to communicate at all levels of encryption. We use 56 bit certificates for most secure areas on the server, but for this application our client requires us to use 128 bit, so we set our encryption options to communicate at only 128 bit for this certificate. Anyone using a standard browser will get an error about the encryption algorithms. My goal here was to give the users a little knowledge about this and their browser type before they receive the error and start emailing the client saying that the site doesn't work (as you know, the general web surfing public usually doesn't understand how SSL works and most won't figure out this error on their own). I saw a site once use a cgi application for browser security compatibility, but I can't find anything anywhere.Again, thank you for your reply!-RWJohn Peacock wrote:> I don't understand what you are asking for; when a browser negotiates > with a server, they find the highest level of security they can agree > upon. In other words, if you are using an US export version of > Netscape, and the server has a 128 bit server cert (not a Super Cert), > the server will communicate with the browser using only 56 bits. The > export restrictions are going away now anyway; O'Reilly already has a > 128 bit international version of WebSite available for download. And > if you are really concerned, you can get a Super Cert, which will > upgrade the client on the fly to support 128 bits. > > John Peacock > > Robert Wade wrote: > > > > Been to the archives and no luck... > > > > Does anyone know of a way (preferrably WebCatalog, but open to other > > options) for a visitor to a site to test their browser to see if it is > > 128 bit? > > > > I've got several areas of a site that are 128 bit, and I want users to > > be able to click a test your browser link or button and get a response > > back on their security type, before they attempt to enter these areas. > > > > Thank You, > > > > Robert Wade > > CABIN6 Design > > > > |[ //\ ||} || ||\| V| > > > > robert@cabin6.com > > > > ------------------------------------------------------------- > > This message is sent to you because you are subscribed to > > the mailing list . > > To unsubscribe, E-mail to: > > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Robert Wade

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Superfilous Characters (1998) [showif] problem (1999) Multiple cart additions (1997) New commands in Final candidate (1997) [OT] ODBC between IIS and remote Access problem (2000) [format 40s]text[/format] doesn't work (1997) error message (2000) WebDNA Solutions --> Date format suggestions (1998) Re:2nd WebCatalog2 Feature Request (1996) WCS Newbie question (1997) Thanks for tips, more quest (1997) can WC render sites out? (1997) WebDNA tags in WebMerchant email templates ... (1997) WC2/Mac -- Forms not submitting correctly with Mac browsers (1997) Webcat/Webmerchant (1998) Bad suffix error (1997) Replace context problem ... (1997) Encrypting userid for email (2000) Further tests with the infamous shipCost (1997) send mail problem? (1997)