Re: [Fed-Talk] FileVault - CAC possible bug.
Re: [Fed-Talk] FileVault - CAC possible bug.
- Subject: Re: [Fed-Talk] FileVault - CAC possible bug.
- From: Brian Cadwell <email@hidden>
- Date: Mon, 09 May 2005 11:10:31 -0400
Shawn,
> Smart Card Support in Tiger is a leader in the industry. There is no
> other OS vendor that provides the built-in Smart Card Services, which
> among other things, fully supports the US Federal Smart Cards (CAC /
> PIV / FIPS-201) for Cryptographic Login, S/MIME, Secure Web Access
> and Authentication for System Administration.
All pretty much true and much appreciated.
>
>> If these are known issues an OS as "advanced" as OSX should warn
>> users of these things when attempting them so they know the
>> consequences.
>
> These are not exactly "issues", but rather features that have not yet
> been made available. This is not a regression -- meaning this
> capability never previously existed and disappeared.
Unless I'm missing something, Tiger shipped without enabling cryptographic
logon with CAC and a working CAC demographic reader application. Both of
these things were working in Panther to whatever degree. I understand the
fundamental change in the way these things will be ultimately implemented,
but the lack of functionality sure seems like a regression.
I think Brian R. indicated that he had submitted a bug report on the card
reader app (the one that reads the demographic data) a while ago. The lack
of logon support (even if it is simply undocumented at this point) seems
pretty obvious and shouldn't require any extra effort on our part.
bc
>
> I indicated that "currently", as in 10.4.0, that Smart Cards cannot
> be used to unlock a FileVault protected Home Directory.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden