Ajp13/mod_jk - returning mod_ssl's SSL_CIPHER_USEKEYSIZE environment variable

[David Wall <dw...@myEastside.com>]

A quick look over the source code for mod_jk and the 1.3 connector seem to show that adding the mod_ssl environment variable SSL_CIPHER_USEKEYSIZE would not be too hard, perhaps based on cloning the code that implements SSL_CIPHER handling.

Can the SSL_CIPHER_USEKEYSIZE environment param be added so that servlets can determine the key lengths used (low, medium or high encryption)?  It makes a lot of sense to be able to see this value in connection to SSL_CIPHER since 40-bit encryption is weak no matter what SSL cipher is being used.  We'd like to be able to alert people to this and inform them that they can upgrade their browser to have better SSL protection.  In fact, one of our customers even wants to reject people who use few than 128bits, and while this can be done "harshly" via mod_ssl, we'd prefer to redirect users to a page explaining things more clearly.

Thanks,
David