by Nextgrid 1118 days ago
> But for modern passports they use Extended Access Control which requires up to date terminal certificates to access the data (you have to update them in the range of days

Passports don't know the current time and thus can't tell whether the presented certificate is within its validity range (as in a malicious attacker could feed an expired certificate as well as a fake "current time" value to make it appear valid), so why are those certificates short-lived?

1 comments

Whenever you present a certificate to the passport, its current time is updated by the "valid from" value if it's newer than the current time.

It's not perfect but if you started your trip in another country with such a system and where a more recent certificate was used, your passport will deny access.
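The date ratchet described in the reply above, as an added example that is not part of the thread or of any passport specification. It is a simplified model: `TerminalCert`, `PassportChip` and the dates are hypothetical, and signature and chain verification are assumed to have already succeeded.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class TerminalCert:
    """Hypothetical stand-in for a terminal certificate (dates only)."""
    holder: str
    valid_from: date
    valid_until: date


class PassportChip:
    """A chip with no clock: it remembers only the newest date it has seen."""

    def __init__(self, issued: date):
        self.approx_today = issued

    def present(self, cert: TerminalCert) -> bool:
        # Assumption: signature and chain checks passed before this point.
        if cert.valid_until < self.approx_today:
            return False  # expired relative to what the chip knows
        if cert.valid_from > self.approx_today:
            self.approx_today = cert.valid_from  # move forward, never back
        return True


def run_scenario() -> dict:
    # Constructed sample data: a stale certificate and a newer one.
    stale = TerminalCert("terminal-A", date(2021, 3, 1), date(2021, 3, 4))
    fresh = TerminalCert("terminal-B", date(2021, 6, 10), date(2021, 6, 13))

    chip = PassportChip(issued=date(2020, 1, 1))
    # The chip has seen nothing newer, so the stale certificate passes
    # no matter what the real date is.
    stale_before = chip.present(stale)
    # A border check elsewhere presents a newer certificate.
    fresh_ok = chip.present(fresh)
    # The same stale certificate is now older than the chip's date.
    stale_after = chip.present(stale)
    return {
        "stale_before": stale_before,
        "fresh": fresh_ok,
        "stale_after": stale_after,
        "chip_date": chip.approx_today,
    }


if __name__ == "__main__":
    print(run_scenario())
```

The shorter the validity window, the sooner any later legitimate read pushes the chip's date past an old certificate's expiry.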