[vbezhenar]

One example: website which uses USB crypto tokens for digital signatures. In Kazakhstan (and, I guess, many other countries) every citizen can get digital certificate, signed by government CA and use it to sign electronic documents. It's used for many government internet services, for example. But there's no API even in modern browsers, to work with USB devices, so Java applet is one way to do it.

That said, Java applets are effectively dead, so government services now require installing and running separate program which listens at localhost for connections from browser. Honestly, it doesn't look like a big win for me, more like a big loose, from a security point. But here we go.

[news_to_me]

> every citizen can get digital certificate, signed by government CA and use it to sign electronic documents

This sounds crazy smart. Why don't western countries do this? You could even put the fingerprint in the barcode of your driver's license.

[njaremko]

Because it's actually used to intercept encrypted communications of citizens. http://www.slate.com/blogs/future_tense/2015/12/14/kazakhsta...

Having said that, a better implementation would be pretty awesome.

[icebraining]

Those are two separate issues. A certificate in a smartcard is not the same as a CA certificate used in devices to authenticate sites.

[vbezhenar]

Those are rumors. Currently Internet in Kazakhstan works fine without installing any certificates. I wouldn't be surprised, if they would do it, but not yet.

And, yes, those certificates are unrelated, AFAIK.

[icebraining]

Some do, like Portugal.