Trivial bug in IIS5 SSL

[llevier () ARGOSNET COM (Laurent LEVIER)]

> If you select "require secure channel" and "require 128-bit encryption"
> under secure communications in IIS5, and then later deselect "require secure
> channel", browsers will fail to connect with "page must be viewed with a
> high-security web browser...HTTP 403.5 - Forbidden: SSL 128 required". This
> even occurs with a 128 bit enabled browser (i used IE 5.00.2920.0000).
>
> If you remove the check next to "require 128-bit encryption" (which is
> greyed out when "require secure channel" is deselected), then you can access
> the pages as normal. IIS is failing to ignore the 128 bit requirement when
> SSL is turned off.
>
> Adam

Laurent LEVIER
IT Systems & Networks, Unix System Engineer
Security Specialist

Argosnet Security Server : http://www.Argosnet.com
"Le Veilleur Technologique", "The Technology Watcher"

Argosnet II is in progress, opening summer 2000