A couple of case studies from PHP world demonstrating how important it is that application framework authors provide carefully designed cryptography interface to programmes. Otherwise it's almost certaint that will be implemented incorrectly.
I've spent some time browsing through publicly available sources to find out what are various identification numbers across Europe, especially those that can be treated as "personal data". The numbers listed below include national identification, tax, health, social security and bank codes that I was able to identify.
Here's a simple example on how to request a trusted timestamping service from a certificate authority using TSP (Time-Stamp Protocol). It's really simple if the server allows you to use standard HTTP interface instead of full TSP interface.
A very important research paper has been just published on eprint — wide analysis of practical security of RSA keys found in the wild. It shows that implementation or usage issues resulting in weak keys are much more widespread than previously expected.