
Ask HN: Status of Estonia's e-residency program - jnbiche
I know that Estonia&#x27;s e-residency program was affected a security flaw in Gemalto&#x27;s card in 2017. And apparently they closed access to the public key database at that time.<p>But what&#x27;s the current status of the program? I see no available public key database online or any API. Without a public way to verify these signatures, the program is only useful to internal Estonian government programs.<p>Anyone know what the current status of the program is? Do any other countries plan to offer a similar program?<p>The problem of verifying online identities in social media is a big one, and the Estonian program was a step in the right direction. It would be a shame if that progress is stifled because of Gemalto&#x27;s negligence and incompetency.
======
coolvision
E-residency program uses the same technology and infrastructure as "real"
Estonian residents ID cards (on which all Estonian citizens and residents rely
daily for banking/government services/voting, etc...).

So yes, it still works )

As so the Gemalto vulnerability, it was promptly resolved with remote id card
software updates (which most people did), and after that non-updated
certificates/cards were suspended and replaced.

More info: [https://www.ria.ee/sites/default/files/content-
editors/kuber...](https://www.ria.ee/sites/default/files/content-
editors/kuberturve/roca-vulnerability-and-eid-lessons-learned.pdf)

------
phillipseamore
[https://www.id.ee/index.php?id=30469](https://www.id.ee/index.php?id=30469)

