Digital certificate glitches have affected the operation of a secondary website used for UK passport applications.

Reg reader Marc discovered the anomaly when he needed to renew his passport and did a quick Google search. The search turned up a link at Direct.gov.uk. Clicking on this link to begin the application process opens a window to a new site, registered to the Passport Service.

This site - https://www.passport-application.gov.uk - generates a certificate error in both IE and Firefox as the certificate has been granted to another domain. Surfers who ignore the warnings and attempt to proceed are confronted by an error page.

Although this secure site leads nowhere, its regular sibling passport-application.gov.uk redirects to the main Identity & Passport Service (IPS) website, ips.gov.uk.

Digital certificate flaws of one kind or another are commonplace on the internet. The UK IPS glitch involves a secondary website and doesn't really pose a security risk beyond causing mild confusion. Nonetheless, surfers are entitled to expect better technology expertise from an agency integrally involved in complex technical projects such as the UK's controversial ID card scheme proposals. ®

Related stories

• Cisco.com suffers lower case t breakdown (25 September 2008)
• Update Gmail certificate expiry snafu follows security upgrade (30 July 2008)
• UK citizens' portal exposes edit kit interface (4 June 2008)
• Public says no to ID cards, No2ID says 'starve the beast!' (3 December 2007)
• Identity and Passport Service announces ID supplier shortlist (22 October 2007)
• UK ID card service mounts birth, marriage, death landgrab (11 October 2007)
• Home Office pops open ID procurement porkbarrel (9 August 2007)
• Comodo resolves site validation glitch (27 February 2007)
• Digital certificate regime wins UK gov plaudits (22 April 2004)
• VeriSign unveils flash new site seal (4 November 2003)
• MS in fresh digital cert flaw (29 August 2002)