Re: [Fed-Talk] FileVault - CAC possible bug.
Re: [Fed-Talk] FileVault - CAC possible bug.
- Subject: Re: [Fed-Talk] FileVault - CAC possible bug.
- From: Brian Cadwell <email@hidden>
- Date: Mon, 09 May 2005 12:36:54 -0400
Title: Re: [Fed-Talk] FileVault - CAC possible bug.
Hi Mike, that is exactly what I meant, maybe I am missing something. I don’t have that functionality on my Tiger installation. You are talking about Tiger not Panther, right?
I’m using an old imac G5, and an ActivCard USB Reader V2.0 flashed (to the OMB prom). The Card reader/CAC combo does work Keychain, but there no recognition from any login dialog.
bc
On 5/9/05 11:20 AM, "Michael Chute" <email@hidden> wrote:
Just a comment...
I am not sure if this is what you are looking for, but I think for login using cac when you reach the login screen just stick in the cac. the screen should change and prompt you for your pin. Again not sure if this is what you mean by Crypt. login, but thought I would mention it.
Mike
Brian Cadwell wrote:
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Date:
Mon, 9 May 2005 11:26:57 -0400
Shawn,
Smart Card Support in Tiger is a leader in the industry. There is no
other OS vendor that provides the built-in Smart Card Services, which
among other things, fully supports the US Federal Smart Cards (CAC /
PIV / FIPS-201) for Cryptographic Login, S/MIME, Secure Web Access
and Authentication for System Administration.
All pretty much true and much appreciated.
If these are known issues an OS as "advanced" as OSX should warn
users of these things when attempting them so they know the
consequences.
These are not exactly "issues", but rather features that have not yet
been made available. This is not a regression -- meaning this
capability never previously existed and disappeared.
Unless I'm missing something, Tiger shipped without enabling cryptographic
logon with CAC and a working CAC demographic reader application. Both of
these things were working in Panther to whatever degree. I understand the
fundamental change in the way these things will be ultimately implemented,
but the lack of functionality sure seems like a regression.
I think Brian R. indicated that he had submitted a bug report on the card
reader app (the one that reads the demographic data) a while ago. The lack
of logon support (even if it is simply undocumented at this point) seems
pretty obvious and shouldn't require any extra effort on our part.
bc
I indicated that "currently", as in 10.4.0, that Smart Cards cannot
be used to unlock a FileVault protected Home Directory.
bc
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden