Digital cert glitch trips up UK passport site
Secondary IPS site in shared credentials snafu
Digital certificate glitches have affected the operation of a secondary website used for UK passport applications.
Reg reader Marc discovered the anomaly when he needed to renew his passport and did a quick Google search. The search turned up a link at Direct.gov.uk. Clicking on this link to begin the application process opens a window to a new site, registered to the Passport Service.
This site - https://www.passport-application.gov.uk - generates a certificate error in both IE and Firefox as the certificate has been granted to another domain. Surfers who ignore the warnings and attempt to proceed are confronted by an error page.
Although this secure site leads nowhere, its regular sibling passport-application.gov.uk redirects to the main Identity & Passport Service (IPS) website, ips.gov.uk.
Digital certificate flaws of one kind or another are commonplace on the internet. The UK IPS glitch involves a secondary website and doesn't really pose a security risk beyond causing mild confusion. Nonetheless, surfers are entitled to expect better technology expertise from an agency integrally involved in complex technical projects such as the UK's controversial ID card scheme proposals. ®
Sponsored: 2016 Cyberthreat defense report