when the certificate is renewed in the near future the issue should be resolved.
Well that would be a huge part resolved, but the server would still need to have all the security patches installed to close up all the holes and some tweaks to the Protocols used (disable SSL3, Enable TLS1.1, TLS1.2) and tweak the Cipher Suits to the changed Protocols and that's it.
If BT don't at least do the tweaks the secure side of things would just stop working due to TLS1.0 is just for testing stuff now days and is due to be retired and the server should really be using TLS1.2 first, then fall back to TLS1.1 and then just return back that it has failed to pick a protocol.
BTW all these tweaks only require editing a config file and that's it, plugging the holes would require stuff being installed, but if the tweaks are done it might remove the need to do most of the patches due to the software with the holes are disabled.
But at least the info we send would be securely encrypted.
As for the site to continue, I also wish this, that's why I have only contacted BT the once via twitter.
I was hoping that would of gotten the ball rolling, maybe it has but they have other stuff to do first and where the CERT is due for renewal they might of decided to do it all then.
Paul
BTBroadband - Infinity 4 - 310Mbps (down), 31Mbps (up)
TBB Speedtest