in reply to Is it possible to check the client's SSL/TSL version?
This is becoming a major issue as any site supporting IE7 and older will begin to fail PCI within the year. So this is an important thing to be able to check.
One way that it could be done is to use multiple IPs or Virtual Hosts, each with SSL enabled, but with each one supporting only one SSL or TLS version. Then use JavaScript on a single page to get an image or script from each of them configured servers. Coalesce the results in JavaScript and report back. Largest cost is the multiple IPs and/or domain names and a bit of time to setup your Apache configs. (You may be able to do this with a Perl daemon, but I'm not aware of many of them that support separate SSL Virtual Host setups).
One way that it could be done is to use multiple IPs or Virtual Hosts, each with SSL enabled, but with each one supporting only one SSL or TLS version. Then use JavaScript on a single page to get an image or script from each of them configured servers. Coalesce the results in JavaScript and report back. Largest cost is the multiple IPs and/or domain names and a bit of time to setup your Apache configs. (You may be able to do this with a Perl daemon, but I'm not aware of many of them that support separate SSL Virtual Host setups).
my @a=qw(random brilliant braindead); print $a[rand(@a)];
In Section
Seekers of Perl Wisdom