https://identity.virginmedia.com/ uses RC4 and is not treated as secure by Firefox

RESOLVED DUPLICATE of bug 1129887

Status

Tech Evangelism
Desktop
RESOLVED DUPLICATE of bug 1129887
3 years ago
3 years ago

People

(Reporter: Nigel, Unassigned)

Tracking

Firefox 37
x86_64
Windows 7

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Build ID: 20150320202338

Steps to reproduce:

Go to www.virginmedia.com

Take the email option and go to https://identity.virginmedia.com/


Actual results:

Firefox reported that the websites identity could not be verified




Expected results:

Firefox should have shown the sites identity and the site identity button should have gone green.

Validated this should happen with IE11 and Chrome.  It used to be that on an older version of Firefox.  Tried Firefox with a new clean profile

Comment 1

3 years ago
The website uses an outdated cypher, and that's why it's not showing up as secure. They should reconfigure their server. See also:

https://www.ssllabs.com/ssltest/analyze.html?d=identity.virginmedia.com

for an independent analysis of the site. I'm a Virgin media customer, so I can see if I can contact them about this.
Group: core-security
Status: UNCONFIRMED → NEW
Component: Untriaged → Desktop
Ever confirmed: true
Flags: needinfo?(gijskruitbosch+bugs)
Product: Firefox → Tech Evangelism
Summary: Firefox site identity error → https://identity.virginmedia.com/ uses RC4 and is not treated as secure by Firefox
Version: 36 Branch → Firefox 37

Comment 2

3 years ago
Left a message on the pre-existing forum topic about this: http://community.virginmedia.com/t5/Internet-Security/Please-fix-your-insecure-server/td-p/2785747/highlight/false .

I was unable to find a more direct way of reporting this to them. It seems they've been aware of this for a while now with no response so far.
Flags: needinfo?(gijskruitbosch+bugs)

Comment 3

3 years ago
(The summary there is currently a bit misleading, but this is basically a dupe of Bug 1129887).
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1129887
You need to log in before you can comment on or make changes to this bug.