[y04nn]

Exactly, this crazy to think you can keep you sovereignty while giving to a foreign (French), NSA/CIA infiltrated (In-Q-Tel/Snowden) company the keys to all your citizens ID, moreover with internet voting. While ahead of its time, maximum caution must be taken, and the balance must be made between convenience and independence.

[dfox]

In fact the root cause of the flaw is in the attempt to make the keys inaccessible to any single entity by generating them on the card. This needs the card to have circuitry and software to generate RSA primes and some reliable source of entropy, both of which are somewhat non-trivial problems (as in easy to subtly screw up) in the smartcard environment.