1) Visit https://my.virginmedia.com/home/signIn in latest Nightly using a clean profile. 2) Visit same URL in Chrome dev. Expected: Login page appears with username and password fields visible etc, for both Nightly and Chrome. Actual: Only works in Chrome, fails in Nightly with: """ Secure Connection Failed The connection to identity.virginmedia.com was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. """
9:11.07 LOG: MainThread Bisector INFO Last good revision: f1f48ccb2d4e 9:11.07 LOG: MainThread Bisector INFO First bad revision: 5b01216f97f8 9:11.07 LOG: MainThread Bisector INFO Pushlog: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=f1f48ccb2d4e&tochange=5b01216f97f8 I couldn't bisect further on inbound using mozregression, due to bug 1129897. However in that range is bug 1084025: https://hg.mozilla.org/mozilla-central/rev/35f5ec149ad5 Setting security.tls.version.fallback-limit back to 1, makes identity.virginmedia.com load successfully. Moving to Tech Evang given bug 1084025 comments and it's dep bug 1126620 which tracks the TE side. That said, we _really_ need a better error message here - I wasted over 90 minutes of Mozilla time (thanks also to mozregression issues slowing things down) filing this bug/tracking this down, which could have been avoided if the message said something like "See this FAQ" -> link to page explaining the disabling of the version fallback and the bug number :-(
I've sent an email to the registrant email listed at http://whois.domaintools.com/virginmedia.com (domain_admin[at]virgin[dot]com) as well as hostmaster[at]virginmedia[dot]com for good measure. Sadly there isn't yet an FAQ or blog post that I can link to, that concisely explains what the website owners need to do. Masatoshi, is there one I haven't found?
(In reply to Ed Morley [:edmorley] from comment #3) > I've sent an email to the registrant email listed at > http://whois.domaintools.com/virginmedia.com > (domain_admin[at]virgin[dot]com) as well as > hostmaster[at]virginmedia[dot]com for good measure. > > Sadly there isn't yet an FAQ or blog post that I can link to, that concisely > explains what the website owners need to do. Masatoshi, is there one I > haven't found? Probably no. We should create it.
There's other services that need to be whitelisted and raised with Virgin: identity.virginmedia.com https://www.ssllabs.com/ssltest/analyze.html?d=identity.virginmedia.com&latest RC4-only, TLS 1.2 intolerant national.virginmedia.com https://www.ssllabs.com/ssltest/analyze.html?d=national.virginmedia.com&latest RC4-only, TLS 1.2 intolerant payments.virginmedia.com https://www.ssllabs.com/ssltest/analyze.html?d=payments.virginmedia.com&latest RC4-only, TLS 1.2 intolerant ebill2.virginmedia.com https://www.ssllabs.com/ssltest/analyze.html?d=ebill2.virginmedia.com&latest RC4-only, TLS 1.2 intolerant
Please can we make this also block on 1138101
For completeness of this bug, there's also: allyours.virginmedia.com https://www.ssllabs.com/ssltest/analyze.html?d=allyours.virginmedia.com&latest RC4-only, TLS 1.2 intolerant
I have just had an update from Virgin: "This is something that is being taken very seriously, and we are aware, and have a project in place to rectify the problem."
(Updating summary to reflect the expanded purpose of this bug).
Have raised this to VirginMedia - it may need many writing to the CEO of VirginMedia to get some action by them or to raise a complaint to the Information Commissioners Office
https://my.virginmedia.com/ seems fixed, but not anything else.
(In reply to Cykesiopka from comment #12) > https://my.virginmedia.com/ seems fixed, but not anything else. not working for me; aurora 42.0a2 (2015-09-11)
(In reply to Calum Mackay from comment #13) > (In reply to Cykesiopka from comment #12) > > https://my.virginmedia.com/ seems fixed, but not anything else. > > not working for me; aurora 42.0a2 (2015-09-11) Hmm, https://my.virginmedia.com (126.96.36.199) continues to work fine here, and I run Aurora 42 as well. https://www.ssllabs.com/ssltest/analyze.html?d=my.virginmedia.com > TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK 128 > TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK 256 > TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128 > TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 > TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112 > Firefox 39 / OS X R TLS 1.0 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) FS 128 > Long handshake intolerance No > TLS extension intolerance No > TLS version intolerance No Maybe you're hitting a different server from load balancing or something? Also, make sure you're actually visiting just https://my.virginmedia.com/. https://my.virginmedia.com/home/signIn/ from comment 0 actually redirects to the still broken https://identity.virginmedia.com/.
my apologies, you're right. I mis-read which site you were saying was fixed, sorry.
(In reply to Calum Mackay from comment #15) > my apologies, you're right. I mis-read which site you were saying was fixed, > sorry. No worries.
I am having problems with this site: http://salesleadform.virginmedia.co.uk Any idea when this will be fixed? Thanks CLS
CLS, You need to ask Virgin. The fault is with them, not with Firefox. https://dev.ssllabs.com/ssltest/analyze.html?d=salesleadform.virginmedia.co.uk&hideResults=on Cheers, Nick
If we're going to contact them, here are some possible contact points: Contactlink: http://help.virginmedia.com/ http://twitter.com/virginmedia http://www.facebook.com/virginmedia I tweeted them, but if someone has a better contact please reach out..
payments.virginmedia.com and ebill2.virginmedia.com are fixed, but other servers are still broken.
My parents have 5 email addresses at virginmedia: who are their ISP. They use Firefox. Each of my parents has a 'special Firefox Profile JUST for virginmedia webmail'. As many will know, virginmedia are bringing their 'customer paid for email service' (which used to be provided by Google) in house. I spent several hours trying to help them and I have reported their issues to virginmedia. While I was on the phone I also told virginmedia about *this* bug. I said I would update it this evening (because virginmedia say are going to look at it). My parents have a bookmark which used to allow them to login to their webmail. They do not use https://my.virginmedia.com (see comment # 12) I am simulating their login (on another computer at a different physical address in the same city). Browser: Firefox 42 (current release) in "about:config" security.ssl.require_safe_negotiation set to "false" security.ssl.treat_unsafe_negotiation_as_broken set to "false" (in my normal usage I have these both set to "true"). Browse to: https://mail.virginmedia.com this is redirected to https:/mail2.virginmedia.com/appsuite/ this then is redirected to https://identity.virginmedia.com here Firefox (correctly) reports: > Web site: identity.virginmedia.com > Owner: This web site does not supply ownership information. > Verified by: Not specified In the "Technical Details" box "Broken Encryption (TLS_RSA_WITH_RC4_128_MD5, 128 bit keys, TLS 1.0)" If you work for virginmedia, or if you intend to use the virginmedia webmail, please see: https://www.ssllabs.com/ssltest/analyze.html?d=identity.virginmedia.com DJ-Leith
allyours.virginmedia.com and salesleadform.virginmedia.co.uk are fixed, but other servers are still broken.
identity.virginmedia.com seems to be fixed now. https://www.ssllabs.com/ssltest/analyze.html?d=identity.virginmedia.com
national.virginmedia.com is still broken. Why Virgin Media does not know all their servers themselves? :(
national.virginmedia.com has been fixed. I don't know broken subdomains anymore.