nanog mailing list archives

Previous By Date Next
Previous By Thread Next

SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers

From: Matthew Huff <mhuff () ox com>
Date: Thu, 16 Jul 2015 15:45:20 +0000
Just ran into this issue this morning. The SEC requires companies to file EDGAR reports on https://edgarfiling.sec.gov. 
The newer versions of Firefox won't let you access the webpages without manually going into about:config and 
re-enabling the weak ciphers. Given the recent issue with the OPM, I would think this would be a very bad follow-up if 
the SEC got hacked.

SSLLabs gives the website an "F". IE 11 won't work either (for other reasons).  
https://www.ssllabs.com/ssltest/analyze.html?d=edgarfiling.sec.gov

The website looks like it was designed in the '90s. I've tried to reach out to their contacts (webmaster, oig, etc...) 
but haven't gotten a reply yet. It's possible that I might get a reply eventually, but does anyone have any direct 
contacts at the SEC?


----
Matthew Huff             | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC       | Phone: 914-460-4039
aim: matthewbhuff        | Fax:   914-694-5669
Previous By Date Next
Previous By Thread Next

Current thread: