Yes they should have taken MOA offline and removed the DNS entry
But anyhow an expired cert still works just as well as a 'current' cert. It isn't stripped of its crypto-skillz just because an arbitrary date has passed.
Source: being an Abbey retail customer; we were informed of this change.
My wife still gets redirected to that page from retail.santander.co.uk on entering her customer number.
It doesn't automatically indicate insecurity, but it does indicate that there is a system that isn't being actively maintained properly but is still up.
So the issue is that their certificate expired? Not their using SSL3.0 instead of any TLS implementation?
Qualys SSL lab fails them immediately because they can't even connect via TLS. Opera says I'm connecting with, "RC4_128bit with an MD5 RSA signed key." I'm actually surprised their public modulus is 2048 bits long.
6 comments
[ 2.7 ms ] story [ 28.6 ms ] threadYes they should have taken MOA offline and removed the DNS entry
But anyhow an expired cert still works just as well as a 'current' cert. It isn't stripped of its crypto-skillz just because an arbitrary date has passed.
Source: being an Abbey retail customer; we were informed of this change.
It doesn't automatically indicate insecurity, but it does indicate that there is a system that isn't being actively maintained properly but is still up.
Qualys SSL lab fails them immediately because they can't even connect via TLS. Opera says I'm connecting with, "RC4_128bit with an MD5 RSA signed key." I'm actually surprised their public modulus is 2048 bits long.
Yeah...