[horde] Browser feature
Michael M Slusarz
slusarz at horde.org
Tue Sep 18 17:32:05 UTC 2007
Quoting Otto Stolz <Otto.Stolz at uni-konstanz.de>:
> Hello,
>
> recently, we have introduced new, 2048-bit SSL keys.
> Now, complaints/questions from my Webmail customers keep
> pouring in, because many of them still use old browsers
> that cannot cope with SSL keys of that size.
>
> I have placed a warning on my index.html page (which
> comes before the horde/imp/index.php page that must be
> accessed via HTTPS). But those users do not understand
> that warning, because they havent't ever heard if SSL,
> keys, and all that stuff. They also do not understand
> the browser's error message either; one browser
> (Netscape 6.2) does not even issue an error message,
> but simply stays in the page displayed before.
>
> So I'd like to issue a more specific warning, whenever
> a user tries Webmail with a browser not supporting 2048-bit
> keys. The warning should say something like: "Your XY browser
> is way too old, hence does not support current safety techno-
> logy. Please get you a better one."
>
> So my question is: How can I determine whether the browser
> supports these keys? Appartently, neither Browser::hasFeature(),
> nor Browser::hasQuirk()) can provide this info.
>
> Of course, I can always read the AgentString, or use
> Browser::getBrowser(), Browser::getIEVersion(),
> Browser::getMajor(), and Browser::getMinor(), to see,
> which browser I am dealing with -- but how do I know
> which browser supports which key size?
You will most likely have to look at one of the environment variables
set by the webserver. That would be the only place I could think of
where you would be able to determine this information via PHP (since
the SSL certificate exchange is handled entirely at the webserver
level, which is different than the PHP application level).
michael
--
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the horde
mailing list