Hi,
this is a bit more related to apache itself, but I dare to
subscribe there :) And anyone w/o mod_ssl won't need/use
this subject anyway, so:
apache has a mod_rewrite, and you can do nifty stuff based on
appropriate RewriteConds. Looking into doc from it, I can
see a lot of %{VARIABLES} I can base my conditions on.
Background:
I want people to force 128bit encryption capable browsers,
easy: SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
So, if there is someone using a 40bit browser, [s]he will get
an error 403. Hmm.. giving them advice could be done in the
ErrorDocument 403. But if there is really a 403 and they are
already using 128bit browser it could mislead them.
So a redirect/rewrite would be neat :)
Just tried to RewriteCond on %{SSL_CIPHER_USEKEYSIZE} but that
is not a supported variable. :(
Any workaround to get ppl using <128bit redirected to a special
howto-upgrade-page ? If not, this is a feature request to
mod_rewrite soon :)
ciao
--
Philipp Buehler, aka fIpS | SysFive.COM | BOfH | NUCH | <double-p>
%SYSTEM-F-TOOEARLY, please contact your sysadmin at a sensible time.
Artificial Intelligence stands no chance against Natural Stupidity.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
