Software, Technology

How-to: Understand Website ‘Identity Information’

…or more precisely, when a reputable website such as displays a warning triangle and the message: “this site does not supply identity information.”

You may notice the warning triangle in the address bar on sites which use the HTTPS, SSL and TLS protocol and certificates, and get the message when you scroll over it. WordPress? Really?

Let’s replay Internet Security-101, with apologies to the technically ‘ept’ (not the ‘inept’).

The “identity information” is normally provided when secure site certificate is presented to your browser. Connecting to a site’s secure server, denoted by the “https” address prefix, the encrypted certificate is supposed to ensure authentication. Regular HTTP traffic is not encrypted, doesn’t authenticate and doesn’t worry about “identity information.” This is how most of the Internet used to work before the increase of hacking, and why so many more sites

have switched to SSL or TLS connections under encrypted certificates, not just e- commerce, banking, and log-in pages to account-based services.

SSL also ensures traffic is unchanged end-to-end as it is transmitted, so what you get is un-tampered.

So why does a site like suddenly throw that warning triangle and the message: “this site does not supply identity information?”

For one thing, it is not the whole site. consists of millions of sub-domains, all sat under the main HTTPS SSL certificate. Go to root URL and it is perfectly fine. Go to a sub-domain such as and the warning appears. Why?

Usually you will get that warning when the site is displaying mixed content, by which we mean the site is using files not located in its own directory or own server. So for I can tell you all the article images being displayed actually sit on Google Picasa; rather than upload all the images to the WordPress server, we link across to the master files on Picasa.

However, the browser is checking not only the host site identity, but also the secondary site identity when there’s external content being loaded from outside the host. Now while Picasa also uses HTTPS under a certificate and has its own identity, that does not match the credentials presented for – that’s if the Picasa credentials even make it through the call, which for this type of simple content call, they wouldn’t.

In this example, I’m not going to worry; but then it’s from one of my sites, and I know what’s on there.

You have to bear in mind that this mixed content can be any kind of file; javascript, php, images, documents, pdfs. What the web-browsers such as Firefox are doing is flagging potentially hazardous content that may harm your computer and its contents. The browser can’t establish the provenance of the secondary content; it is up to your judgement when you see the warning (you do see the warnings, right? Just checking) as to whether you proceed on that site. You know it’s a reputable site? Go ahead. Not so certain? Get the heck out of Dodge. RC

Related: How-to: Adjust Browser Security for Mixed Content and Frames

About Robin Catling

Robin Catling gained degrees in both arts and technology which led to a diverse portfolio of employment. A freelance systems analyst, project manager and business change manager for the likes of American Express, British Airways and IBM, he moved on to web design, journalism and technical authoring. He has also worked in film and television, both behind and in front of the camera, including productions by Steven Spielberg, Martin Scorcese, Ron Howard and Ridley Scott. A qualified three-weapon coach, he runs West Devon Swords teaching sports fencing to all age groups, and in recent years qualified with the British Federation of Historical Swordplay to teach medieval and renaissance combat in the Historical Western Martial Arts.


One thought on “How-to: Understand Website ‘Identity Information’

  1. It’s good article designed for all the internet users; they will get benefit from it I am

    Posted by Gino Gleason | Mar 20, 2015, 8:09 am

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Twitter Updates

Follow us on Twitter @EverythingExpre

Find Us on Facebook

Enter your email address to follow this blog and receive notifications of new posts by email.



BBC World News

BBC World News
Opens the BBC World News page.
%d bloggers like this: