cancel
Showing results for 
Search instead for 
Did you mean: 

Receiving invalid certificate reports after nearly 3 months!

N/A

Receiving invalid certificate reports after nearly 3 months!

This has been reported on many occasions going back to November 2005 and was brought up at the customer meeting in December too. In help and support, when clicking on contact us the following security announcement appears:



Quote
The name on the security certificate is invalid or does not match the name of the site


Isn't it about time this was fixed? It can't be rocket science and would take a matter of minutes in the developers busy workload!

Mark
32 REPLIES
N/A

Receiving invalid certificate reports after nearly 3 months!

Ah well, the gentle nudge to CS to look into this matter has failed. Guess i'll just have to open a ticket. It is ridiculous that something this minor could not have been sorted when first mentioned towards the end of November 2005 Evil
ukbrown
Grafter
Posts: 132
Registered: 30-07-2007

Receiving invalid certificate reports after nearly 3 months!

I raisewd a ticket about two years ago.
N/A

Receiving invalid certificate reports after nearly 3 months!

Yes, my ticket has been open over a week with no action. One word SHODDY!!!!!
N/A

Receiving invalid certificate reports after nearly 3 months!

Opt out? Why would you want to opt out of being notified that a security certificate on a site is invalid? Surely, that would mean F9 aren't taking security seriously and just want to "brush the issue under the carpet" instead of resolving the problem?

Quote
PlusNet are totally committed to safe surfing. We take pride in guarding you from online menaces, by providing the latest news, tools and guides. We’ll do our utmost to ensure you enjoy being online, without fear of infection or invasion of privacy.


Or am I missing something here?

(please note. This message was in response to a reply from Ben Brown which has subsequently been removed due to being in the wrong place!!)
Ben_Brown
Grafter
Posts: 2,839
Registered: 13-06-2007

Receiving invalid certificate reports after nearly 3 months!

Apologies, I seem to have posted that response in the wrong thread, I'll remove it.

This issue with the certificate miss-match has been raised as a problem and will be fixed shortly.

Although the names on the certificate don't match at the moment this doesn't make the site any less secure than if the names did match.
N/A

Receiving invalid certificate reports after nearly 3 months!

Quote
Although the names on the certificate don't match at the moment this doesn't make the site any less secure than if the names did match.


That's a may be Ben, but for a company that extols the virtue of online security as it does (see quote in thread above), in excess of 3 months to get it changed is a little excessive, don't you think? Add to that the new users who may not know much about F9 and it's services, or who are new to the internet, it doesn't give a very good representation does it?

Mark
N/A

Receiving invalid certificate reports after nearly 3 months!

i agree, it shouldn't take them that long to update the certificate.

not only that if users think the certs out of date, then they may not accept it, thinking it's a bogus one.
N/A

Receiving invalid certificate reports after nearly 3 months!

Ticket opened on the 16th, last reply on the 24th. WTF is going on at F( these days?
N/A

Receiving invalid certificate reports after nearly 3 months!

QA at F9 seems to have a different view to end users about the validity of certificates being reported as incorrect:

Quote
Our QA team have looked in to this and informed us that the certificate is fully valid for the domain until 22/07/2006. There is no further action required.


So once again, F9 make up their own rules. Security is of utmost importance to F9/ +Net. It is so important in fact that we can't be bothered to ensure the correct certificate is used on the correct domain. We will just fob you off and tell you that the certificate is valid and stuff your thoughts!!

Time to look around again for someone that does give a stuff!
N/A

Receiving invalid certificate reports after nearly 3 months!

Hi ,

F9 wrote:
Quote

Our QA team have looked in to this and informed us that the certificate is fully valid for the domain until 22/07/2006. There is no further action required.
**This just goes to show a) how amateurish F9 management thinking is b) How little F9 actually really cares about its real customers c) Once again proves that the lights may be on at F9 towers but theirs nobody at home, nobody is really listening to customers. Its the sort of stuff that makes me want to start looking for another ISP.

Ivan
JonathanW
Grafter
Posts: 2,648
Registered: 02-10-2007

Receiving invalid certificate reports after nearly 3 months!

This is something that I've passed back through internally, to ensure that the appropriate certificates are being used. It would appear that when the problem was initially raised some information was missed out, which is what led to the comments you've already seen.
N/A

Receiving invalid certificate reports after nearly 3 months!

Hi Jon,

How about F9 making an individual member of staff personally responsible for checking that certificates, that they are checked and double checked so these kind of errors dont happen again in future. The fact that this has happened yet again leads me to conclude that nobody is taking responsability for it, this isnt the first time we've all seen issues with security certificates so its NOT a new problem. It smacks of careless-ness or sloppy attitudes IMO.

Ivan
N/A

Receiving invalid certificate reports after nearly 3 months!

I agree Ivan,

it is sloppyness on F9 part.

In my view they should get it sorted asap, all it takes is someone to have their details copied and hey presto the customer could end up sueing F9 over it because of their lapse of security.

I don't think this will ever happen but it's something they should be concerned about, in this day and age.

regards
mike
N/A

Receiving invalid certificate reports after nearly 3 months!

Hi Mike,

Where security is a concern no ISP can afford to be sloppy, certificates or otherwise.

Ivan