1) Nation-state attacks on PKI differ from typical cyber attacks due to their unique motives, capabilities, and targets which are often related to political objectives rather than financial gain. 2) The document discusses several nation-state attacks including Stuxnet which targeted Iran's nuclear facilities, and a 2011 incident where Comodo certificates were mis-issued by an attacker in Iran targeting social media sites. 3) The key lessons learned are that state actors have different objectives than typical attackers, security basics are still important, and transparency and rapid disclosure are critical in responding to such incidents.