Closed
Bug 1139046
Opened 10 years ago
Closed 10 years ago
(www.)pretzellogix.net is RC4 and Camellia only
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: bugzilla, Unassigned)
References
()
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0
Build ID: 20150224133805
Steps to reproduce:
Went to website in Firefox 36.0: https://www.pretzellogix.net
Actual results:
Grey triangle appears and when clicked on says "partially encrypted connection". No certificate is available to be examined despite this being a fully encrypted HTTPS site.
Expected results:
In Firefox 35.0, the same website shows the grey lock symbol and the certificate button appears and can be examined.
Reporter | ||
Comment 1•10 years ago
|
||
This might be a duplicate of this other bug: https://bugzilla.mozilla.org/show_bug.cgi?id=947079
But I'm not sure since this other bug seems to indicate that the bug was still there in Firefox 35.0, yet I did not experience this issue in FF 35.0.
Reporter | ||
Updated•10 years ago
|
OS: Linux → All
Comment 2•10 years ago
|
||
The message in the triangle doesn't contain only "mixed content" but also "encryption is not strong enough".
The reason in this case is that the encryption is not strong enough because the Cipher handshake ends with RC4.
The result from https://www.ssllabs.com/ssltest/analyze.html?d=pretzellogix.net
>TLS 1.2 Yes
>TLS 1.1 Yes
>TLS 1.0 Yes
>SSL 3 No
>SSL 2 Yes
Cipher suites:
>TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) WEAK 128
>TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK 128
>TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84) 256
>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41)
CAMELLIA is not supported anymore by Firefox and RC4 is weak encryption and triggers the triangle.
Moving to PSM to confirm my findings and to mark this invalid
Component: Untriaged → Security: PSM
Product: Firefox → Core
![]() |
||
Comment 3•10 years ago
|
||
(In reply to Matthias Versen [:Matti] from comment #2)
> The message in the triangle doesn't contain only "mixed content" but also
> "encryption is not strong enough".
>
> The reason in this case is that the encryption is not strong enough because
> the Cipher handshake ends with RC4.
> The result from
> https://www.ssllabs.com/ssltest/analyze.html?d=pretzellogix.net
>
> >TLS 1.2 Yes
> >TLS 1.1 Yes
> >TLS 1.0 Yes
> >SSL 3 No
> >SSL 2 Yes
>
>
> Cipher suites:
> >TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) WEAK 128
> >TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK 128
> >TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84) 256
> >TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41)
>
> CAMELLIA is not supported anymore by Firefox and RC4 is weak encryption and
> triggers the triangle.
>
> Moving to PSM to confirm my findings and to mark this invalid
Indeed this is correct. Morphing this bug into a TE bug instead.
Blocks: RC4-Dependence
Status: UNCONFIRMED → NEW
Component: Security: PSM → Desktop
Ever confirmed: true
Product: Core → Tech Evangelism
Hardware: x86_64 → All
Summary: Firefox 36.0 shows grey (!) triangle (partially unencrypted connection) -- ver 35.0 showed grey lock symbol → (www.)pretzellogix.net is RC4 and Camellia only
Version: 36 Branch → unspecified
Comment 4•10 years ago
|
||
> Server hostname 50-87-223-114.unifiedlayer.com
Yet another unifiedlayer.com instance (others are bug 1133312 and bug 1137444). We should contact the hosting company because probably the site owners have no ability to change the server settings.
Assignee | ||
Updated•6 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•