back to article BT's IPv6 EXPIRED security certificate left to rot on its website

BT may insist that it is committed to a smooth transition to the new interwebs address system – IPv6 – but a quick glance at the company's corporate website last month left some Brits questioning the one-time national telco's promise. That's because the telecoms giant embarrassingly failed to spot the fact that its security …

COMMENTS

This topic is closed for new posts.
  1. N2 Silver badge

    Worked for me

    Realising I had gone to BT in error & thus unlikely to find anything helpful I clicked 'Get me out of here'

  2. Captain Scarlet Silver badge
    Facepalm

    At least they are committed to something.

    1. Tom 13

      @Captain Scarlet

      Based on the comments I see here about BT, it sounds like they should simply be committed, preferably under a judges order so they can't sign themselves out.

  3. Joe Montana

    V6 pioneers..

    BT were one of the pioneers of ipv6, they even used to run a free ipv6 tunnel service a few years ago... I wonder what's happened since those days.

  4. K

    Implementation of IPv6 is a farce..

    I've been trying to get this supported by both my home ISP and our leased line provider for about 2 years.. When I ask, the only response I get is "Our plans are currently not advanced enough to discuss them!".

    F-Arse!

    1. SMabille

      Re: Implementation of IPv6 is a farce..

      Time to switch ISP. People like A&A have been providing IPv6 on both leased lines and personal ADSL for as long as I can remember (probably 10 years!)

      1. sthen

        Re: Implementation of IPv6 is a farce..

        There are a number of choices - see https://www.sixxs.net/faq/connectivity/?faq=native&country=gb (or remove the &country=gb if outside the UK).

        1. This post has been deleted by its author

          1. Nick Ryan Silver badge

            Re: Implementation of IPv6 is a farce..

            You wouldn't believe how many Internet projects I come across that have exactly the same kind of blind arrogance like this. It's enough to give the entire industry a bad name... :)

        2. Jamie Jones Silver badge
          FAIL

          Re: Implementation of IPv6 is a farce..

          The main problem with sixxs is one of the guys in charge is on some sort of ego power trip .

          Stick with he.net or hexago if you want a free local broker that isn't in danger of being switched off for no reason by someone who behaves more like a basement geek IRC operator than a professional.

          One typical example I just googled: http://www.habets.pp.se/sixxs.net-sucks.php

      2. NogginTheNog
        Thumb Down

        Re: Implementation of IPv6 is a farce..

        When even products like Exchange 2013 (not the year in the name!) aren't 100% IPv6 compatible, then I really do wonder whether the migration to pure '6 will ever happen?

      3. Paul

        Re: Implementation of IPv6 is a farce..

        I've had FTTC and before that ADSL2/2+ with proper (not tunnelled) IPv6 for over two years at home; I have a /56 block at home, and even my VPN to my house provides v6 communication.

  5. frank ly

    " ... failed to spot ..."

    Somebody should introduce them to 'calendar apps' and 'event alarms'.

    1. Anonymous Coward
      Anonymous Coward

      Re: " ... failed to spot ..."

      indeed - particularly as exactly the same happened last year.

      1. Ole Juul

        Re: " ... failed to spot ..."

        Send them a pad of sticky notes. (proven technology)

        1. nevstah

          Re: " ... failed to spot ..."

          sticky notes with glue that expires after 11 months, now that would be great! anything thats fallen on to your desk overnight needs to be acted on!!

  6. TomH72
    Facepalm

    Unaware my arse...

    I know that at least two people told them about this on 20th February, because one of them was me:

    https://twitter.com/thughes/status/436415632134131712

    https://twitter.com/aaisp/status/436419441056677888

    Not that I ever got any response of course...

    1. mordac
      FAIL

      Re: Unaware my arse...

      I'm not sure it's specific to IPv6. I've seen the updated certificate on a V6-capable connection, and the expired certificate on a IPV4-only connection (as well as vice versa). I think they have a CDN node that still hold the old certificate.

      A colleague reported it via twitter, and was told (by @btcare) "Everything seems fine from our end".

  7. Roger Varley

    Pardon?

    "We, in BT, continue to manage efficiently our allocation of IPv4 address space and are also taking the necessary steps to manage a transition to IPv6."

    Hmmm -> http://btsupport.custhelp.com/app/answers/detail/a_id/44044/c/6433

  8. Lee D Silver badge

    And The Reg's plans to show their support by IPv6 by putting up a single AAAA record and actually bothering to enable it for a single website, obviously show up BT's national-telco for not bothering to enable it for every single one of their customers?

    Rule #1: You can post a snide article about IPv6 support when your website supports it. (And, yes, mine does).

    Until then, you're just adding to the problem, not leading the way towards adoption.

    1. Anonymous Coward
      Anonymous Coward

      In a similar vein....

      And The Reg's plans to show their support by good security practice by having our usernames and passwords sent in clear text to this forum rather than bothering to enable https for a single website?

      Rule #1: You can post a snide article about security when your website supports it.

      Until then, you're just adding to the problem, not leading the way towards adoption.

      1. gazthejourno (Written by Reg staff)

        Re: In a similar vein....

        If you use the same email/password combo for El Reg comments as you do for something important (say, oh I dunno, your ISP login creds...), then you probably deserve the inevitable consequences.

        1. Lee D Silver badge

          Re: In a similar vein....

          Although this is, indeed, correct it still does not exclude a tech journalism site from eating their own dog-food.

          It would take a phone call to your host, a few grand, and a bit of tinkering to enable both IPv6 access and SSL access (at least for the login stage, blanket SSL might impact the number of servers required, etc.).

          But it annoys me that The Reg, Slashdot, all these "Ha, look how stupid these people are to not enable IPv6 / SSL / SPF / Whatever already" sites never have it enabled.

          If I can do it in an afternoon for my own personal dedicated server, it shouldn't take the Reg this many years of snarky comments to also enable it for themselves. Hell, it's not like IPv6 even costs money on new product - anything you have almost certainly already supports it so even a limited never-ending "beta" would show you what percentage of people are likely to use it.

  9. Evan Essence
    WTF?

    They got their IPv6 site working then?

    Last time I looked, a couple of years ago, accessing www.bt.com over IPv6 it just hung.

    1. SImon Hobson Silver badge

      Re: They got their IPv6 site working then?

      It was broken a lot more recently than that, last year IIRC. AFAICT there was simply no server on the address given by teh AAAA record. I did report it to them, but several months later it was still offline.

      If someone the size of, and with the resources of, BT can't get it right ...

  10. Missing Semicolon Silver badge
    Happy

    The fix for any weird network problem is usually...

    .. disable IPV6.

    Then, at least you only have one problem to solve, not two!

  11. bigtimehustler

    Surely they should have monitoring software that checks cert expiry dates...on ipv4 and ipv6...ohhh, that would be too sensible right...

  12. DavidAtkinson
    FAIL

    If you're a BT broadband customer...

    Try this website:

    http://test-ipv6.com/

    to see how they're getting on with the IPv6 rollout.

    1. Anonymous Coward
      Anonymous Coward

      Re: If you're a BT broadband customer...

      On BT ADSL

      getting a score of 0/10 !!

  13. Anonymous Coward
    Anonymous Coward

    BT still having memory problems?

    https://community.bt.com/t5/Other-Broadband-Queries/Untrusted-certificate-when-trying-to-change-password/td-p/1193301

  14. Anonymous Coward
    Anonymous Coward

    I'm not convinced any plans they have for IPv6 in 2014 will ever be "exciting".

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021