***This message was also posted to the Internet Connection forum, but someone suggested this forum might be a better fit...***
I have two Macs, one running 10.4.11 and a new one running 10.6.5. I use Firefox and Safari on both machines, and all browsers are up to date. For some reason I cannot log in to any Comcast Web site on the machine running 10.6--not comcast.net, comcast.com, or xfinity.com. I can access the Web sites just fine (and I can download/send my e-mail through Entourage no problem), but I need to log in to the Comcast sites to actually do anything (check e-mail online while traveling, watch shows, etc.), and the browsers just hang when I try. The machine running 10.4 logs in to the sites just fine, but of course it's so old, it can't run Web video worth a darn, so it's useless.
I've tried deleting cookies, disabling the browsers' autofill, and deleting the Comcast entries in my keychain, all to no avail.
I finally thought to look in Firefox's error console, and these sites result in a bunch. Under the "Messages" section, there are 18 lines that each read some variation of "login.comcast.net : server does not support RFC 5746, see CVE-2009-3555". Does this mean it's some sort of certificate problem? The error message I get in Safari is "Safari can't establish a secure connection to the server 'login.comcast.net'". I do not get this error on my machine running OS 10.4.
Does anyone have any idea what the problem could be here? It's really annoying.
I thank you again for the information you provided .
The information i posted about SSL certs was an attempt to explain why some website owners do what they do with hostnames...Comcast was never a specific example or subject in that portion of the discussion. In fact, the sites you were troubleshooting (www.forums.comcast.net (non-existent) and forums.comcast.net) don't use SSL encryption, so your attempt to imply that Comcast are cheap is inappropriate in this particular scenario...
Whetehr a site works with www as part of the host name is entirely related to how the owner of the site decides to set up their DNS...it can also be related to the way in which they implement SSL authentication.
In the case of DNS, it is a simple matter to perform an nslookup from your computer to see if the host name exists in DNS...for instance, using the hostnames in this thread specifically:
This indicates that Comcast never set up a hostname of www.forums.comcast.net...just because you can't reach it, doesn't mean there is anything wrong....
Regarding the use of SSL certs for https sites....companies will often try to save money by using 'wildcard' certificates that are used to authenticate to the second level of a domain. The 'common name' associated with these certs might be something like *.bar.com... By using a certificate of this type, they can enable SSL on any number of sites, such as foo.bar.com, and charlies.bar.com, however by definition in the Internet RFCs, wildcard certs can ONLY be used to go to one additional level of naming for a site....so they cannot use the same wildcard cert for really.foo.bar.com as they use for foo.bar.com. The really.foo.bar.com site would require them to purchase an SSL cert with a specific common name, and SSL certificates are not cheap...
The result is that for companies that implement SSL sites AND use wildcard ssl certs, you'll tend to see hostnames that are only three levels deep, so adding www in some cases is omitted for these reasons. It is also a somewhat archaic concept, that all websites should start with www...it simply isn't the case these days.
Interesting how some web pages work just fine with or without the added www. And others do not i.e. forums.comcast.net . If at one point comcast worked with the www. And it was stored in bookmarks, that way,this might account for not being able to reach the address .
Running vista pc today I noticed that "safari web browser" I tried to get to http://www.forums.comcast.net which did not work I then entered forums.comcast.net into Google and noticed the web browser used http://forums.comcast.net which did work . I put this here in Macintosh forum because it was originally moved from web browsers to here . ( please do not delete again )
No, it doesn't make any difference. I am guessing that given the sites work only when I'm connected to the router via Ethernet, there are some sort of IP address issues happening (I had to assign IP addresses for my network because I have a wide assortment of very old and very new equipment). I have decided not to worry about it for now, particularly as it only affects me when I'm on my home network. I'll just plug in with an Ethernet cord when necessary... Thanks again for your help!
Yes, I tried that too. Didn't make any difference. I only seem to be able to log in and/or do anything interactive on Comcast sites (like reply to these postings) while hardwired, doesn't matter which browser I use. I will reset the router again and see if that helps...
Yes, I agree. Unfortunately, I use an older Linksys router, WRT54GX4, which is out of warranty and is no longer supported by Linksys. They no longer update the firmware, and I have the latest version. For now, I log into Comcast sites with my Ethernet plugged in, and then take my laptop elsewhere in the house for the session. Annoying, but at least it works... Thanks to all for their help with this one.
The problem you describe sounds like a firmware issue with the router. Just for our future reference, can you tell us what kind of router you're using, how the machines are connecting (both wireless; one wireless, one ethernet?), and if its controlling software (firmware) has been updated.
In the end, it was not a problem with my computer or my security certificates. It was my router. On vacation, I learned I was able to log in to the sites away from home. I logged in using an Ethernet connection rather than wireless, and after that they worked, even wirelessly.
Thanks so much to all for your help, but I figured it out. I needed to download a few Verisign certificates. Very annoying (shouldn't updates to browsers and operating systems take care of this?), but works now.