40 bit certificate sites unusable ?

VERIFIED INVALID

Status

()

Core
Security: PSM
P3
major
VERIFIED INVALID
18 years ago
13 years ago

People

(Reporter: Erwan David, Assigned: David P. Drinan)

Tracking

Other Branch
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

18 years ago
I'm unable to connect to above mentinned site. I get
1) the page I was on before trying to get there
2) a barred closed lock in right bottom corner
3) in the xterm from which I launched mozilla, the following message :
Error loading URL https://www.live.bprop.banquepopulaire.fr/servlet/ident?a=i:
80004005

I wonder wether the use of a 40 bit encryption by this server could the source
of the problem.
I tried other https sites, all with 128bit encryption were Ok, all with 40bit
encryption did not work.

Comment 1

18 years ago
This site may not implement SSL correctly.  When you turn off TLS in N6, it works.

junruh and nitinp: can you test this hypothesis with those TLS tools?

Assignee: lord → ddrinan

Comment 2

18 years ago
www.live.bprop.banquepopulaire.fr is a TLS intolerant server that violates the 
SSL3/TLS "version roll back" rule. The workaround for Netscape 6 is to open the 
Security Manager, click on Advanced, Options, and disable TLS.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → INVALID

Comment 3

18 years ago
ccing people

Comment 4

18 years ago
Verified invalid.
Status: RESOLVED → VERIFIED

Updated

13 years ago
Component: Security: PSM → Security: PSM
Product: PSM → Core
You need to log in before you can comment on or make changes to this bug.