While we do know that everyone – individuals or corporations alike, will make mistakes since no one is perfect, some mistakes are a whole lot more embarrassing than the rest. The Metropolitan Police, for instance, has allowed its SSL certificate to expire – and in the process, open up the possibility of exposing users of its website to criminal snooping, and these victims as well as witnesses of crime will end up vulnerable to exploitation.
In other words, the Metropolitan Police exhibited one of the most shocking disregard for the most basic standards of web security, as their SSL certificate for https://online.met.police.uk/ has been allowed to expire. In an anonymous tip-off to The Register, it seems that the certificate expired yesterday, which resulted in the public not having a secure means of visiting the site across a couple of days.
SSL certificates happen to be a cryptographically secure means of validating that (in this particular case) if you would like to inform the police about a crime that you are privy to, you will be safe knowing that you are communicating with the long arm of the law – rather than to a criminal in disguise. Hopefully the Metropolitan Police would be able to get their act together in this case, and soon!
Filed in Security. Source: theregister
. Read more about