Digital cert glitch trips up UK passport site
PrintSecondary IPS site in shared credentials snafu
Posted in Public Sector, 9th January 2008 11:28 GMT
Free whitepaper – Power distribution systems for the Dell PowerEdge M1000e Modular Server Enclosure
Digital certificate glitches have affected the operation of a secondary website used for UK passport applications.
Reg reader Marc discovered the anomaly when he needed to renew his passport and did a quick Google search. The search turned up a link at Direct.gov.uk. Clicking on this link to begin the application process opens a window to a new site, registered to the Passport Service.
This site - https://www.passport-application.gov.uk - generates a certificate error in both IE and Firefox as the certificate has been granted to another domain. Surfers who ignore the warnings and attempt to proceed are confronted by an error page.
Although this secure site leads nowhere, its regular sibling passport-application.gov.uk redirects to the main Identity & Passport Service (IPS) website, ips.gov.uk.
Digital certificate flaws of one kind or another are commonplace on the internet. The UK IPS glitch involves a secondary website and doesn't really pose a security risk beyond causing mild confusion. Nonetheless, surfers are entitled to expect better technology expertise from an agency integrally involved in complex technical projects such as the UK's controversial ID card scheme proposals. ®
The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Analyst Keynote: The Register Agile Data Center Summit
Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter