-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 is there a way (perhaps using extended 'options' section?), to enforce a minimum cipher strength / type for the connecting client? a solution would be to use apache 2's sslproxy to stunnel (yikes), but stunnel rocks :) apache / mod_ssl - from httpd.conf # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:- SSLv2:+EXP:+eNULL -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkHSUs4ACgkQdgNHoxEs/oi+2ACfYPDjijulcO0luIPfV2oYZ4aLWdAA niumLVXQRaEEK12TO5EF12e9ay/b =aNe8 -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427