Closed Bug 1127204 Opened 9 years ago Closed 9 years ago

bankofthewest is TLS 1.2 intolerant and RC4 only

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: mt, Unassigned)

References

(
URL
)

Details

Martin Thomson [:mt:]

Reporter

Description

•

9 years ago

www.bankofthewest.com as well as etimebanker. and images. are TLS 1.2 intolerant.

We should ask them to upgrade their stack.  If they can't, the whitelist in bug 1037424 might be a good choice.  If we do neither, then we both stand to lose users.

Martin Thomson [:mt:]

Reporter

Comment 1

•

9 years ago

The report from ssllabs is pretty dire: https://www.ssllabs.com/ssltest/analyze.html?d=bankofthewest.com

Just one bad cipher suite: RC4.  SSL3 support.  TLS 1.2 intolerant.  SHA-1 certificates.

EV certificates and HSTS are indications that someone cares about security.

:Cykesiopka

Comment 2

•

9 years ago

(In reply to Martin Thomson [:mt] from comment #1)
> Just one bad cipher suite: RC4.

Specifically TLS_RSA_WITH_RC4_128_SHA.

Blocks: RC4-Dependence

Summary: bankofthewest is TLS 1.2 intolerant → bankofthewest is TLS 1.2 intolerant and RC4 only

Masatoshi Kimura [:emk]

Comment 3

•

9 years ago

Fixed.

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → FIXED

Nobody; OK to take it and work on it

Assignee

Updated

•

5 years ago

Product: Tech Evangelism → Web Compatibility

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

bankofthewest is TLS 1.2 intolerant and RC4 only

Categories

(Web Compatibility :: Site Reports, defect)

Tracking

(Not tracked)

People

(Reporter: mt, Unassigned)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Comment 3

Updated