Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
- From: Paul Nelson <email@hidden>
- Date: Thu, 24 Apr 2008 18:16:32 -0500
- Thread-topic: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
The AGM build will include Thursby's AFC. AFC gives you single sign on with
the CAC so you don't need a password. When you log in, you will have
Kerberos credentials. It also handles some other things related to securing
login using a CAC.
Paul Nelson
Thursby Software Systems, Inc.
> From: "Peralta, Rex J Mr CIV USA IMCOM" <email@hidden>
> Date: Thu, 24 Apr 2008 13:35:44 -0600
> To: "Putnam, J. Keith (AMRDEC/MRC)" <email@hidden>, "William G.
> Cerniuk" <email@hidden>, <email@hidden>
> Subject: RE: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
>
> Classification: UNCLASSIFIED
> Caveats: NONE
>
> I would also like to add that the AGM build has CAC usage as a requirement
> and that here at Fort Carson we are including CAC-enabled Macs as part of
> our DIACAP accreditation.
>
> Rex Peralta
> IT Project Manager
> Plans, Architecture, Service and Operations Branch
> Directorate of Information Management
> Fort Carson
> US Army
> http://www.carson.army.mil/doim
> COMM: 719-526-0198
> DSN: 691-0198
>
> -----Original Message-----
> From: fed-talk-bounces+rex.peralta=email@hidden
> [mailto:fed-talk-bounces+rex.peralta=email@hidden] On Behalf
> Of J. Keith Putnam
> Sent: Thursday, April 24, 2008 10:26 AM
> To: William G. Cerniuk; email@hidden
> Subject: Re: [Fed-Talk] Someday is here UNCLASSIFIED
>
> Classification: UNCLASSIFIED
> Caveats: NONE
>
> I have no involvement in the security process, but I believe that it goes
> like this:
> We are bound to the DIACAP process.
> Said process requires documentation that all systems in the DIACAP be
> accredited.
> Mac OS does not integrate with CAC authentication to AD, the automated
> software updates, virus updates, etc. that are involved in the accreditation
> package that is being built here.
> The CIO\IAM that is responsible for the DIACAP I am on hasn't the resources
> to invest in non-MS OSes. There is a working group for Unix variants, but,
> to my knowledge they haven't developed a satisfactory path.
> The CIO\IAM maintains that any accreditations outside his bundle must be
> funded by the using contract.
> We can't afford to fund accreditations.
> I am not allowed to ask questions of the CIO\IAM, or his subordinates.
>
> "Security through diversity" is a nice thought. The accreditation process
> seems to squeeze the life out of diversity.
>
> It seems to me that people who expect to benefit from AGM must have waivers
> from the imminent accreditation and DIACAP requirement. I have been told we
> must be accredited and documented by early summer, June, I think, or we will
> not have access to the Army network.
>
> As an aside; when the CAC requirement deadline came, non-Windows users were
> allowed to keep using passwords and told that the IA people would help us
> get to compliance.
>
> On 4/23/08 8:52 PM, "William G. Cerniuk" <email@hidden> wrote:
>
>> Ironically www.army.mil is all Mac... on Mac OS X. It was chosen for
>> its security and performance.
>>
>> And the AGM for Mac is right around the corner, I am part of the team
>> as is several others on this list.
>>
>> Riddle me this, is there written and signed policy that indicates you
>> cannot run Mac OS X? The Army's stated policy is "security through
>> diversity" if I recall, LTG Boutelle, Army CIO (previous) a Mac user.
>>
>> ?
>>
>> Best Regards,
>> Wm. Cerniuk
>> E2E Project Manager, Innovation Program Chief Health Informatics
>> Office VHA Office of Information
>> 703.594.7616
>>
>> Time is Short, and the Water Rises
>>
>>
>>
>> On Apr 23, 2008, at 2:12 PM, J. Keith Putnam wrote:
>>
>>>
>>> Classification: UNCLASSIFIED
>>> Caveats: NONE
>>> Not to whine, I assume some of you will be interested in this.
>>>
>>> Due to the lack of accreditation path for the Mac OS, my Mac Pro is
>>> being converted.
>>>
>>> I now have a Windows XP drive, sans BootCamp, set up for CAC
>>> authentication.
>>> Most of my Windows apps are installed. Once I get my Mac files
>>> transferred, I will be required to remove my Mac drives and go 100%
>>> XP. I will have one of the best Windows machines around. No joy implied.
>>>
>>> Classification: UNCLASSIFIED
>>> Caveats: NONE
>>> --
>>> Keith Putnam
>>> Stanley Associates
>>> Software Engineering Directorate
>>> Redstone Arsenal
>>> 256-876-0363
>>>
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>
>>
>
>
>
> Classification: UNCLASSIFIED
> Caveats: NONE
> --
> Keith Putnam
> Stanley Associates
> Software Engineering Directorate
> 256-876-0363
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
> Classification: UNCLASSIFIED
> Caveats: NONE
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden