Seems the Spanish government is finally admitting that new Spanish eIDs ("DNIe 3.0") are vulnerable to ROCA. Everyone gets to renew their certs. Supposedly they're "disabling" the old functionality (revoking the certs, I hope). https://www.dnielectronico.es/PortalDNIe/
-
I wonder, do you know of the card manufacturer? The only reference I cannot find any Infineon connection.
The official specs say the chip is Infineon, but I don't know who actually manufactures the cards. https://www.dnielectronico.es/PortalDNIe/PRF1_Cons02.action?pag=REF_1078 …
-
-
Sure, it looks like customised operating system & app as dnie has a common criteria evaluation. Excellent link, thank you!
-
Common criteria is worthless. The buggy code passed those evaluations. This is why we need *public* review, not shitty certifications that don't certify anything.
- Show replies
New conversation -
-
-
I know - we run https://keychest.net/roca :)
-
Oh, sorry, misunderstood :-) (and thanks for running that!)
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.