El Reg assesses crypto of UK banks: Who gets to wear the dunce cap?

Anonymous Coward

The certificate is good, the rest, not so good.

SSL Labs

SSL Report: onlinebanking.nationwide.co.uk (155.131.32.27)

Assessed on: Fri, 03 Nov 2017 11:29:17 UTC

Summary

Overall Rating: C

Certificate: 100

Protocol Support: 95

Key Exchange: 70

Cipher Strength: 50

This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.

This server uses 64-bit block cipher (3DES / DES / RC2 / IDEA) with modern protocols. Grade capped to C.

The server does not support Forward Secrecy with the reference browsers.

Certificate #1: RSA 2048 bits (SHA256withRSA)

DNS CAA No

Security Headers

Security Report Summary

F

Site: https://onlinebanking.nationwide.co.uk/

IP Address: 155.131.32.27

Report Time: 03 Nov 2017 13:57:19 UTC

Report Short URL: Feature disabled.

Missing Headers (6/6 missing):

Strict-Transport-Security

Content-Security-Policy

X-Frame-Options

X-XSS-Protection

X-Content-Type-Options

Referrer-Policy
