[ic] Non-Secure Checkout

[Dan Browning]

At 08:42 PM 7/29/2001 -0400, you wrote:
>I'm not sure if this is worth pursuing, but....
>
>I've got some customers that are objecting to my 128-bit security on
>checkout and are wanting a non-secure checkout in the Construct demo.
>
>Is there a simple way to do this? Or, should I simply push them to
>upgrade their browser?
>
>
>-= Jim =-

Your SSL should automatically handshake to 56-bit encryption even with a 
128-bit key.  Try getting a low encryption browser and testing it yourself 
while watching the /var/log/httpd/ssl... logs.

However, your customers might be experiencing other problems.  If you are 
running OpenSSL (standard), I would recommend upgrading to the latest 
version, 0.9.6 (-9 for rpm).  The new version seems to work better with 
more browsers (and low encryption levels).  E.g. when I had 0.9.5, Internet 
Explorer 5.5 with 56-bit encryption would always show 2 images (random 
selection) as not available.  Further, there is some httpd.conf stuff that 
you can do to increase compatibility as well.

Upgrading to 0.9.6 isn't easy, however, since you have to upgrade to an 
Apache with a mod_ssl that has been compiled against the same version of 
openssl.  You can compile the whole mess yourself to be sure, or try the 
RPM trickery, or just buy StrongHold and be done with it.  :-)

HTH,

Dan Browning, Cyclone Computer Systems, danb@cyclonecomputers.com