Sorry, I sent the last message prematurely (damn hotkeys).
We currently use the following options to get around the IE SSL bug:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
We also wish to use X509 client authentication, and my concern is that
these directives will cause the client certification verification, and
indeed the entire SSL session negotiation, to be performed anew with
every single request. Is this performance hit a reality?
Thanks,
Rich
