Recently I had an issue where I was using a Firefox 3.6.x on someones computer and almost all SSL/TLS (https) websites showed a broken padlock with a red dot and white exclamation point in the right bottom corner. When you hovered your cursor over the icon it said "Connection partially encrypted. Parts of the page your viewing were not encrypted...". It showed up for most sites but not all of them. Even when I went to sites I knew for sure that all the parts where fully encrypted. This stumped me for days.
Finally, I hit upon this wiki page from Mozilla. Firefox has a setting in the about:config section of the browser called security.ssl.treat_unsafe_negotiation_as_broken. This was set to true. Setting this to true means that Firefox will display this icon on all websites that are vulnerable to a SSL/TLS session renegotiation flaw. The flaw is described here if your interested in learning about it.
That is what caused the icon to show broken most of the time. Most sites have not patched for this vulnerability yet but some have. For the ones that have the connection shows up fine. Setting the above Firefox about:config setting to false will make the lock appear normal again for all websites.
I'm disappointed in the Mozilla devs for being to lazy to make new text for this icon when this happens. It is very confusing when the text for the icon is telling you "Parts of the page your viewing were not encrypted...". Which is bull. All parts are encrypted fine but the renegotiation vulnerability is being checked for. They just attached this check to this icon and never bothered to change the text for when the icon is displayed for a different reason.
