Re: [Fed-Talk] RE: Using CAC with MacBook Pro (UNCLASSIFIED)
Re: [Fed-Talk] RE: Using CAC with MacBook Pro (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] RE: Using CAC with MacBook Pro (UNCLASSIFIED)
- From: Paul Nelson <email@hidden>
- Date: Mon, 05 Feb 2007 12:28:55 -0600
- Thread-topic: [Fed-Talk] RE: Using CAC with MacBook Pro (UNCLASSIFIED)
When I talked with a Citrix guy, he said that they had this working with Mac
OS 10.3. When Apple changed the architecture in 10.4, it broke their
support for smart cards. I would have to guess that they were trying to use
the pcscd to talk to the smart card in 10.3. I don't really know the
details of why this broke. I think they are working on a fix for this, but
I think that it has been a low priority for them. Now that CAC use is
required, I hope the priority for fixing this is higher. I haven't talked
with them since September of 2005, so I don't have any recent info.
Paul
on 2/5/07 11:45 AM, Timothy J. Miller at email@hidden wrote:
> Citrix Presentation Manager uses a Java client, and (I'm told) it works
> with CAC on Windows. So the base question is how was this achieved? If
> Citrix took a direct approach (say, a custom framework that uses CAPI),
> then they'd need to create a Mac solution from scratch.
>
> If Citrix took the portable approach--i.e., wrapping PKCS#11 and
> dynamically loading a module--then all that would need to be done is to
> point to the system-provided PKCS#11 module. If they did it this way
> then it's probable that they used IAIK as their framework. IAIK sells a
> PKCS#11 provider & module loader, so all that Citrix would need to do is
> to point to the applet at the OS X PKCS#11 module and go.
>
> http://jce.iaik.tugraz.at/
>
> Either way it's something Citrix needs to comment on.
>
> -- Tim
>
> Paul Nelson wrote:
>> Seth,
>>
>> I am hoping that Apple will respond to your question regarding Citrix. I
>> have talked with Citrix about their product and CAC support, and I believe
>> that they do not support this on 10.4.x You'd have to get the official
>> statement from them. This problem is not related to ADmitMac for CAC.
>>
>> Paul Nelson
>> Thursby Software Systems, Inc.
>>
>>
>> on 2/2/07 3:12 PM, Wright, Gary "Seth" Mr /ASD, Inc. at
>> email@hidden wrote:
>>
>>> Classification: UNCLASSIFIED
>>> Caveats: None
>>>
>>>
>>> I'm using a CAC to login to a MacBook Pro. When working at remote
>>> locations,
>>> our domain users connect back to the network via CITRIX or Cisco's VPN
>>> client
>>> software. I have installed the Mac versions of this software on the
>>> MacBook,
>>> but when I connect to the server via CITRIX it does not recognize that my
>>> CAC
>>> is inserted in the MacBook. I am able to log into the CITRIX server with my
>>> domain credentials, but policy directs that you must login with a CAC. Is
>>> this an issue I should resolve with CITRIX, Apple, or AdmitMac- the company
>>> who made the software to CAC enable the Mac?
>>>
>>> email@hidden
>>>
>>> -----Original Message-----
>>> From: fed-talk-bounces+seth.wright=email@hidden
>>> [mailto:fed-talk-bounces+seth.wright=email@hidden] On
>>> Behalf
>>> Of email@hidden
>>> Sent: Friday, February 02, 2007 2:05 PM
>>> To: email@hidden
>>> Subject: Fed-talk Digest, Vol 4, Issue 26
>>>
>>> Send Fed-talk mailing list submissions to
>>> email@hidden
>>>
>>> To subscribe or unsubscribe via the World Wide Web, visit
>>> http://lists.apple.com/mailman/listinfo/fed-talk
>>> or, via email, send a message with subject or body 'help' to
>>> email@hidden
>>>
>>> You can reach the person managing the list at
>>> email@hidden
>>>
>>> When replying, please edit your Subject line so it is more specific than
>>> "Re:
>>> Contents of Fed-talk digest..."
>>>
>>>
>>> Today's Topics:
>>>
>>> 1. Entourage and Encrypted mail to a distribution list (Jerry Roy)
>>> 2. Seagate introduces us to DAVE [wireless HD] (Wm. Cerniuk)
>>>
>>>
>>> ----------------------------------------------------------------------
>>>
>>> Message: 1
>>> Date: Thu, 01 Feb 2007 15:58:48 -0500
>>> From: Jerry Roy <email@hidden>
>>> Subject: [Fed-Talk] Entourage and Encrypted mail to a distribution
>>> list
>>> To: <email@hidden>
>>> Message-ID: <C1E7BEB8.2403C%email@hidden>
>>> Content-Type: text/plain; charset="iso-8859-1"
>>>
>>> Does anyone have a solution to sending encrypted email to a distribution
>>> list
>>> using Entourage? All the members individually are listed in the GAL and have
>>> CAC cards. It appears that Entourage does not expand the DLL but rather
>>> just
>>> checks the GAL (in this case the LDAP server) for certificates associated
>>> with
>>> the DLL name. For email recipients obviously not in the GAL, Entourage uses
>>> the Microsoft Certificate Manager, but there¹s no specific certificate
>>> associated with a DLL. Can this be done?
>>> Regards,
>>> Jerry Roy
>>> -------------- next part --------------
>>> An HTML attachment was scrubbed...
>>> URL:
>>> http://lists.apple.com/mailman/private/fed-talk/attachments/20070201/24ec3a1
>>> 5/
>>> attachment-0001.html
>>>
>>> ------------------------------
>>>
>>> Message: 2
>>> Date: Fri, 2 Feb 2007 11:08:00 -0500
>>> From: "Wm. Cerniuk" <email@hidden>
>>> Subject: [Fed-Talk] Seagate introduces us to DAVE [wireless HD]
>>> To: FedTalk Talk <email@hidden>
>>> Message-ID: <email@hidden>
>>> Content-Type: text/plain; charset="us-ascii"
>>>
>>> Very interesting. Size of a Razr.
>>>
>>> Very Respectfully,
>>> Wm. Cerniuk
>>> Project Manager / Sr. Systems Architect
>>> Veterans Affairs
>>> 877.529.5730 (toll free)
>>>
>>> Time is Short, and the Water Rises
>>>
>>>
>>> http://arstechnica.com/news.ars/post/20070201-8753.html
>>> More drive-makers are adding to the selection of mobile content servers to
>>> debut in 2007, as Seagate formally announced this week the Digital Audio
>>> Video
>>> Experience (DAVE). DAVE will be a small, portable hard drive that will use
>>> WiFi and Bluetooth to transfer media and other files between devices.
>>> Seagate's goal with DAVE will be to allow users to freely access their files
>>> at any time from nearly any device.
>>> -------------- next part --------------
>>> An HTML attachment was scrubbed...
>>> URL:
>>> http://lists.apple.com/mailman/private/fed-talk/attachments/20070202/2ccb5f5
>>> 8/
>>> attachment-0001.html
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> Fed-talk mailing list
>>> email@hidden
>>> http://lists.apple.com/mailman/listinfo/fed-talk
>>>
>>> End of Fed-talk Digest, Vol 4, Issue 26
>>> ***************************************
>>> Classification: UNCLASSIFIED
>>> Caveats: None
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>>
>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden