General questions: SSL Compatiblity

I wasn't sure which forum to put this in...

My boss wants me to install a secure page to do transactions, with SSL. I've set up SSL properly and have a working page and certificate... so it's all good on that front.

Four questions I want to ask are:



1. How compatible is SSL with older browsers?

2. If an older browser is incompatible and tries to access an SSL enabled page, what will happen?

3. If an older broswer can access that page, but form posting is still available, are there any legal ramificiations if security is compromised?

4. Is there a way to BLOCK older browsers if they cannot process SSL?


Thanks in advance

1. How compatible is SSL with older browsers?

This is probably going to come down to "how old is older?". Anything from the last 4 years or so shouldn't be a problem, provided they have the ability to cope with SSL. I only mention the ability to cope with SSL because it isn't always standard.

2. If an older browser is incompatible and tries to access an SSL enabled page, what will happen?

As I recall they get an error that prevents them from even seeing the page in question.

3. If an older broswer can access that page, but form posting is still available, are there any legal ramificiations if security is compromised?

Probably. You can get sued for anything. I'd talk to your legal department and have them come up with a disclaimer.

4. Is there a way to BLOCK older browsers if they cannot process SSL?

You can check what browser a user is using, but it may or may not tell you if it's SSL capable and in fact it may not tell you truth at all.

Hope this helps.
wdn2k