Thawte (or verisign-lite <grin>) sells them also, they are called
(IIRC) SGC - Server Gated Crypto keys. I use them for our private
corporate extranet web servers. My company is certainly not a financial
institution, but in the healthcare industry.
Be aware, they only work for newer versions of the "crippled" browser,
very old versions of Netscape and IE will __not__ step up, so to
speak. Thawte has a very good explanation of this on their web site.
http://www.thawte.com/certs/server/128bit/contents.html
Brgds,
Mike.
On Monday, May 07, 2001, Gunther Birznieks wrote the
following about "[OT] 128 bit encryption and IE"
GB> Another thing you might consider if Verisign will sell them is to get a
GB> Global Server certificate. They are designed for banks. It used to be that
GB> if you were a financial institution you could get this special server
GB> certificate for SSL which would trigger a 'step up' in cripplied netscape
GB> and IE to 128 bit encryption.
GB> Now, with strong encryption walls having been broken down in the US, maybe
GB> global certs no longer qualify you to have to be a bank?
GB> At 10:36 AM 5/7/01 -0700, Andrew Ho wrote:
>>Hello,
>>
>>GY>sorry for the OT, but has anyone figured out how to tell whether a browser
>>GY>supports 56 or 128 bit encryption? Apparently, users of IE with 56 bit,
>>GY>when entering a 128 bit page, get the standard Cannot Find Server error
>>page
>>GY>with little in the way directions to help the EU know to upgrade.
>>GY>
>>GY>has anyone battled this and come up with an elegant solution?
>>
>>Mainly, this just sucks. One possibility is that on any page the user is
>>supposed to hit BEFORE going SSL, to have a warning if the browser sniffs
>>to be a recent IE. I would just add the warning for any IE browser. It's
>>harder if your entire site is SSL. I'm hoping someone will answer with a
>>better solution than dumbing down encryption altogether.
>>
Best Regards,
Mike Miller
[EMAIL PROTECTED]
