Connection is not private
cuatela
Posts: 292 Arc User
According to my browser's information, going through "http://www.arcgames.com/en/forums#" or "http://perfectworld.vanillaforums.com/" my connection is not private or encrypted. I suppose I shouldn't be surprised, since the connection to arcgames.com is also reporting as not private or encrypted, but it is a bit of a security issue.
Attempting to go to "http://www.arcgames.com/en/forums#" redirects back to http. Attempting to go to "https://perfectworld.vanillaforums.com/" will stay https (although Chrome reports "obsolete cryptography").
Attempting to go to "http://www.arcgames.com/en/forums#" redirects back to http. Attempting to go to "https://perfectworld.vanillaforums.com/" will stay https (although Chrome reports "obsolete cryptography").
I still want bare feet.... on ALL costumes.
0
Comments
-
That's because they're using the broken RC4 encryption and 3rd party cookies. Those cause significant issues.These forums suck. ~Omega X0
-
You may want to take a look at these bug reports:
http://perfectworld.vanillaforums.com/discussion/1190682/firefox-isnt-accepting-ssl-certificate-from-arcgames-com
http://perfectworld.vanillaforums.com/discussion/1190685/ssl-error-on-arcgames-com-ssl-error-no-cypher-overlap
EDIT: To clarify, I don't think the old forums supported encryption for posting either, though I may be wrong about this. They did support encryption for logging in. What concerns me is that Firefox is reporting broken cryptography for arcgames.com, not only for logging in, but also for billing. I reported the problem with the SSL certificate more than a month ago. The reports about the ssl_error_no_cypher_overlap error are more recent, but the problem has been reported by multiple people. So far, there has been no statement from PWE that they looking into or even aware of these problems.Post edited by frtoaster on0