Wednesday, March 05, 2008

Old Browsers Are Security Risk

This is probably old news for most people, but when someone is using an old browser, an SSL certificate may in some cases not deliver 128-bit encryption. Here's the info from Verisign's web site:

Even though an SSL Certificate is capable of 128-bit or 256-bit encryption, many millions still use older computer systems that are incapable of strong encryption. (Building Blocks of Transparent Web Security: Server-Gated Cryptography, Yankee Group, 2005.) These legacy browsers and operating systems fail to step up to strong encryption without an SGC-enabled SSL Certificate:

Certain Internet Explorer browser versions from 4.01 to 5.01
Certain Netscape browser versions from 4.07 to 4.72
Many Windows 2000 systems using Internet Explorer

Internet Explorer browser versions prior to 3.02 and Netscape browser versions prior to 4.02 are not capable of 128-bit encryption with any SSL Certificate.

Verisign SSL Information

The choices are to use that way-overpriced green-bar SSL certificate, which many vendors are not yet adopting, or to block old browsers at your web server and ask their users to upgrade. The latter is not foolproof, but if someone wants to let their data get hacked, that is their own problem.
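
One way to do the second option, as an added example that is not part of the original post: a WSGI middleware that checks the key size actually negotiated for the connection and answers weak connections with an upgrade notice. It assumes the TLS front end exports mod_ssl's SSL_CIPHER_USEKEYSIZE variable into the WSGI environ (on Apache, SSLOptions +StdEnvVars); the class and function names are hypothetical.

```python
# Added example (not from the original post): refuse requests whose
# negotiated cipher is weaker than 128 bits and ask the user to upgrade.
# Assumption: the TLS front end exports mod_ssl's SSL_CIPHER_USEKEYSIZE
# variable into the WSGI environ (Apache: SSLOptions +StdEnvVars).

MIN_BITS = 128  # the 128-bit threshold the post is concerned with

UPGRADE_PAGE = (
    b"<html><body><h1>Browser upgrade required</h1>"
    b"<p>Your browser negotiated encryption weaker than 128 bits. "
    b"Please upgrade your browser to use this site.</p></body></html>"
)


def negotiated_bits(environ):
    """Return the negotiated key size in bits, or None if unknown."""
    raw = environ.get("SSL_CIPHER_USEKEYSIZE", "")
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


class RequireStrongCipher:
    """Serve the wrapped app only over connections with >= min_bits."""

    def __init__(self, app, min_bits=MIN_BITS):
        self.app = app
        self.min_bits = min_bits

    def __call__(self, environ, start_response):
        bits = negotiated_bits(environ)
        secure = environ.get("wsgi.url_scheme") == "https"
        # Fail closed: plain HTTP, a missing variable or a malformed value
        # is treated the same as a weak cipher.
        if not secure or bits is None or bits < self.min_bits:
            start_response("403 Forbidden", [
                ("Content-Type", "text/html; charset=utf-8"),
                ("Content-Length", str(len(UPGRADE_PAGE))),
            ])
            return [UPGRADE_PAGE]
        return self.app(environ, start_response)
```

Because the decision is based on the cipher strength the server negotiated rather than on the User-Agent header, a browser cannot get past it by misreporting its version.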