A while ago, Lars Eilebrecht proposed a change to the default SSL CipherSuite and BrowserMatch directives and was planning on submitting the changes to trunk barring any -1s.
I haven't seen any action on this, and I've been really interested in the proposed BrowserMatch changes. We've run into some weird combination of SSL, high latency WAN, IE XMLHttpRequest and KeepAlive disabling BrowserMatch settings that just cause IE7/8 to hang (and more ugly, to crash if you connect a debugger to it). The problem goes away when KeepAlive is enabled, so I've tested using the last proposed BrowserMatch configuration: BrowserMatch "MSIE" ssl-unclean-shutdown BrowserMatch "MSIE [2-5]" nokeepalive downgrade-1.0 force-response-1.0 But made a note to pay attention to any official Apache change so that I can at least somewhat be in sync with the official config. Just curious but does anyone know where this is at? Thanks, Andy
