[Fed-Talk] Re: Mac OS X 10.3.x == PKI-Enabled OS / PKI != Keychain
[Fed-Talk] Re: Mac OS X 10.3.x == PKI-Enabled OS / PKI != Keychain
- Subject: [Fed-Talk] Re: Mac OS X 10.3.x == PKI-Enabled OS / PKI != Keychain
- From: Shawn Geddis <email@hidden>
- Date: Mon, 20 Sep 2004 20:30:19 -0400
On Apr 20, 2004, at 11:33 AM, Kerwood David R NEWP wrote:
Where this capability would become really useful at a very basic level
would be to PKE-enable an entire machine, where any interaction, be it
over the wire, behind the keyboard, wireless, whatever, would require
the challenge/acceptance between machine and human. This would make
things like implementation of PKI on a web or FTP server (i.e. WebSTAR
and Rumpus) much more of an academic exercise, I would think. As
things stand now, it looks very problematic as to whether or not these
two applications will ever be able to support PKE between the server
and the client.
David,
Any application/service leveraging the Cert/Keychain APIs can leverage
this today with Mac OS X 10.3.x.
With "Tiger" - next release of Mac OS X, you will also be able to do
the same with your Smart Card without Application Developers making any
code changes.
-Shawn
----------
From: Shawn Geddis
Sent: Tuesday, April 20, 2004 02:54
To: Fed Talk
Subject: Mac OS X 10.3.x == PKI-Enabled OS / PKI != Keychain
Mike / Brian,
Let's clear up a few things here first....
* PKI
== Public Key Infrastructure (much more than just PKE = Public Key
<<Re: [WEBMASTERS] recommendations on enterprise-wide calendaring
software>>
Exchange)
== Mac OS X's PKI Services use Keychains for storage of
Private/Public
Keys/X509 Certificates
(I refer you to the Certificate / Keychain APIs on Mac OS X)
== Typical Uses:
Authentication, S/MIME, Secure Web Access (Client/Server Auth),
Secure Storage, ....
* Keychains
== Secure Storage of Credentials (passwords, private keys, public
keys, certs...)
== File-based which can be stored on any accessible media (HD, CD,
DVD, USB, FW, ...)
== Secured with 168-bit 3DES
== Currently protected with a Passphrase of length up to 255 Double
Byte Chars
== Allow for user-defined settings on Keychain Accessing and Key Item
Accessing (ACLs)
== The default Keychain created with an account is assigned the same
passphrase as
the account, but can be changed at any time. Any additional
keychains created can
be created using any valid passphrase up to 255 Double Byte Chars.
* Mac OS X 10.3.x == PKI-enabled OS
* PKI - Keychain AND Keychain - PKI
Message-ID: <000101c426d5$ed8914d0$9a645086@WC8423U>
From: Linda Hammell <email@hidden>
Reply-To: Linda Hammell <email@hidden>
To: email@hidden
Subject: Re: [WEBMASTERS] recommendations on enterprise-wide
calendaring
s oftware
Date: Tue, 20 Apr 2004 08:49:31 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2657.72)
Content-Type: text/plain; charset="iso-8859-1"
Welcome to my world. We have been through several different calendar
systems and nothing seems to be good enough.
What we are looking at right now is Sharepoint 2003, with this
Coraswork
web part that shows the Outlook calendar right in the portal page.
They
also have a few other web parts that do calendar and task roll up. And
they are very reasonably priced.
Calendar is our number one priority also when it comes to a
collaboration solution for our PM.
Linda Hammell
PM GCC2 Fort Monmouth NJ
PKMM supporting the US Army
-----Original Message-----
Fellow DOD Webmasters,
I am soliciting opinions or insights from any DOD organization that has
successfully deployed an enterprise-wide calendaring system.
It can be a standalone system or integrated with other software
(portal, collaboration package, etc.) The platform could be
Microsoft or Sun. Basically, it has to support 200-300 calendars
across 80,000 users, be able to rollup and rolldown
events to any other calendar, provide filtered views (by event type,
organization, etc.), support moderation and approval of event
submissions, etc. In other words, the system must be very robust.
I have done a good degree of research on this issue, and have
developed a preliminary list of candidate software, but I also wanted
to be sure to tap into the knowledge and experiences of the members
of this forum before closing the list.
If you have successfully deployed (and are happy with) a large-scale
calendaring system, please post or email me offline.
Thanks,
Steve Luzzi
ERDC-CERL
email@hidden
*********
FAQ & Subscription info: http://www.dod.mil/webmasters/faq/
*********
FAQ & Subscription info: http://www.dod.mil/webmasters/faq/
_______________________________________________
fed-talk mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/fed-talk
Do not post admin requests to the list. They will be ignored.
___________________________________________
Shawn Geddis T (703) 264-5103
Security Consulting Engineer C (703) 623-9329
US Federal Government email@hidden
Apple Computer, Inc.
1892 Preston White Drive T (703) 264-5100
Reston, VA 20191
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden