The Independent Public Revenue Authority announced last week the replacement of our well-known Taxisnet by the new myAADE platform.
The new site myAADE, according to AADE, which owns the page, is a platform with a new friendly digital environment for serving the public.
So today I visited the page as a good citizen to be informed about my debts (yes it happens to the best families).
With the perversion of the "profession" that occupies me, I decided to take a look at the security certificates used by the Greek State.
I was glad to find out that her site myAADE platform doesn't use any free certificate from Lets Encrypt.
But what happens to the majority of gov.gr sites?
Too many sites in the Greek government domain use free certs. See the list:
Η παραπάνω λίστα αποδεικνύει ότι η Ελλάδα (όπως και το iGuRu.gr) αναζητεί φθηνές λύσεις ασφαλείας. Εμείς όμως δεν αποθηκεύουμε τα προσωπικά δεδομένα της Ελλάδας και χρησιμοποιούμε ένα wildcard Lets Encrypt certificate for editor logins only.
Fortunately for the taxis login there is a paid security certificate
Can you please analyze "But we do not store personal data of Greece and use a Wildcard certificate of Lets Encrypt only for the logins of the authors", regarding the storage of personal data and the risks that may involve the use of Lets Encrypt , in relation to a commercial certificate?
you can read here, here and here