Closed Bug 307275 Opened 19 years ago Closed 19 years ago

rabobank.nl fails without SSL 2.0 support

Categories

(Tech Evangelism Graveyard :: Dutch, defect, P1)

Product:
Tech Evangelism Graveyard
Component:
Dutch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: djcater+bugzilla, Unassigned)

References

(
URL
)

Details

(Whiteboard: ssl2) 

https://www.rabobank.nl/ fails without SSL 2.0 support. Site should upgrade. See
bug 307271 for details.
Priority: -- → P1
Whiteboard: ssl2
Dependency to bug 203914?
Summary: https://www.rabobank.nl/ fails without SSL 2.0 support → rabobank.nl fails without SSL 2.0 support
contacted their helpdesk again.

An internet helpdesk contact btw isn't easy to find on their site, and helpdesk issues are outsourced to call-it.com

Also asked for an in-bank contact.
Got a nice and fast reply from the bank:
"Er gaat zeer binnenkort een ingrijpende verandering plaatsvinden waarmee het begin wordt gemaakt, om ook niet-IE browsers zonder problemen te kunnen laten werken met de Rabobank-website. Het is, voor zover ons bekend, de bedoeling dat deze volgens de W3C standaarden zal zijn. Een voorproefje hiervan is is te vinden op "www.rabobank.nl/spr". Voorlopig begint het met alleen de non-secure pagina's, maar de secure zullen te zijner tijd volgen."

Summarized: they're working on a new W3C compliant site, see http://www.rabobank.nl/spr for a teaser. They'll first do the non-secure pages, later the secure ones.
That's great, except that this isn't about W3C compliance, it's about webserver configuration. If they upload their new W3C site to the same old servers, there will be no improvement.

It might be useful to make this point.

Gerv
(In reply to comment #4)
> That's great, except that this isn't about W3C compliance, it's about webserver
> configuration. If they upload their new W3C site to the same old servers, there
> will be no improvement.
> 
> It might be useful to make this point.


I know :)

There are currently several Rabobank.nl Tech Evang bugs open, so i contacted them in general, but specifying the individual bugs. Main focus of my mail was on the general unsupported state of Gecko browsers such as the bank lists it on their own website, and as shown upon first visit. 

Their reply, as quoted above in summary, was a more general reply about the upcoming site update without addressing in detail the specific issues that i informed them about.

As comment 0 from this bug correctly mentions, details about this particular issue can be found in bug 307271.

I hope this clarifies things a bit?
https://www.rabobank.nl no longer supports SSL2.0. They've switched to SSL3.0 and TLS1.0 (128-bit and above):

Enc=3DES(168) DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Mac=SHA1
Enc=RC4(128) RC4-SHA SSLv3 Kx=RSA Au=RSA Mac=SHA1
Enc=RC4(128) RC4-MD5 SSLv3 Kx=RSA Au=RSA Mac=MD5

Can anyone close this one (not sure if I can nor how).
Changing to RESOLVED - FIXED per comment #6.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in before you can comment on or make changes to this bug.