Some countries fixed it already, see Estonian ir Polish IDs with digital layer (performing signing, authentication, etc), and the devices only acting as untrusted interfaces to these.
Some countries fixed it already, see Estonian ir Polish IDs with digital layer (performing signing, authentication, etc), and the devices only acting as untrusted interfaces to these.
It’s still impossible to extract an Estonian certificate from the smart card (or Mobiil-ID/Smart-ID), no?
I believe do, I didn't see a successful attack yet.