[martinraag]

More like 3 baskets. Estonians can also use a Mobile ID, where private keys, authentication and signature functions are stored on a special SIM card. More recently, an app based Smart ID was also introduced. If you're on one of those services, the certificate revocation doesn't really affect you.

[dekrg]

There is only one basket that is made to look that there are three baskets. To get a Mobile-ID need to have an ID-card with valid certificates. If the certs are revoked you can't activate your Mobile-ID. Also you have to pay a monthly fee for Mobil-ID service. Smart-ID requires that you have an ID-Card or Mobile-ID and more importantly it's practically useless as you can't use it for any government services.

[dullgiulio]

ID cards have been usable until yesterday and will be again soon. Mine was upgraded and is still useful.

You don't need it all the time, only to sign up. Your argument doesn't quite make sense.

[dekrg]

If you need another basket to have access to it (even if only initially) then it's not really a separate basket on a national level.

[vertex-four]

So what's your actual threat model here? The Government decides to ban people from accessing Government services? Err... Or that some person might not be able to activate their Mobile ID for a short period of time while they sort out their ID cards?

[dekrg]

The threat model is exactly people getting locked out of government services. If this seems silly or not important to you then you aren't aware just how widespread the usage of digital government services are in Estonia.

As one example most government procurements over a certain amount od money happen as e-procurements with strict time limits that can't be changed and bids need to be digitally signed. If you can't access digital government services you can neither access e-procurment site nor digitally sign you bid.

[vertex-four]

Right, but point is, you can quite easily have Mobile-ID and your ID card, and if something happens to your ID card you can still use Mobile-ID. I think.

If there's no redundancy measure for the ID card system failing - for example, automatically extending deadlines - that's a problem, and an easily solvable one at that, since it's mostly policy. It's not something against the ID card system.

[walshemj]

If you cant get your benefits you might not be be able to eat or heat your home hospitals might not be able to look up patients records etc

[dullgiulio]

Just like you need a valid e-mail to sign up somewhere. Except that here you won't need it afterwards (even if your ID is compromised, it can be blocked and the other systems provide secure identity.)

All of this is backed by the "single basket" of people actually showing up in the population registry office...

PS: I see, you have just joined HN to write these unsubstantiated comments.

[tauntz]

Clarification: Smart ID does not (yet) have the same functionality as Mobile-ID or ID Card (you can log into some supported services with it but that's about it).

AFAIK they're working on it to get it to the same level so you could give official signatures and log into govt services etc using that as well.

[walshemj]

All easy targets for the bear next door - and maybe having a national ID card is not such a good idea in the first place