From: Mike N. 

On Mon, 22 Nov 2004 20:36:50 -0500, Mike N.  wrote:

>I am unable to display secure web pages on my laptop - XP SP2.   (Instant
>"This page cannot be displayed")  I don't remember ever going
to a secure
>web page since it was installed so I don't know when/how it stopped
>working.  I have already been through the troubleshooting steps at
>
>  http://support.microsoft.com/default.aspx?scid=kb;en-us;870700

   Finally, I got it.   First I was poking around and enabled TLS 1.0 and I
could get to some secure sites but not others.  The better sites indicated
that they couldn't negotiate a high enough security level.   The answer was
a local security policy I had set: "System cryptography: Use FIPS
compliant algorithms for encryption, hashing, and signing".  My
analysis is that I need that for 'much better' protection of local
accounts/SAM  and EFS-encrypted files.

   Now that I put in the right search terms, I see that this is a well
known problem; IE doesn't enable the stronger TLS by default and this is
required for FIPS compliance.  Also, many sites cannot negotiate TLS 1.0
and this explains the second part.

 Oh Well, I wish MS had included that item on the referenced KB article.
I'll send them a comment.

--- BBBS/NT v4.01 Flag-5