Re: [Fed-Talk] [UPDATE STATUS] Mac OS X 10.5.3 - CAC - Safari
Re: [Fed-Talk] [UPDATE STATUS] Mac OS X 10.5.3 - CAC - Safari
- Subject: Re: [Fed-Talk] [UPDATE STATUS] Mac OS X 10.5.3 - CAC - Safari
- From: Boyd Fletcher <email@hidden>
- Date: Mon, 23 Jun 2008 18:11:42 -0400
- Thread-topic: [Fed-Talk] [UPDATE STATUS] Mac OS X 10.5.3 - CAC - Safari
Title: Re: [Fed-Talk] [UPDATE STATUS] Mac OS X 10.5.3 - CAC - Safari
Shawn,
for the below issue wouldn’t one acceptable approach be to allow the user to specify the requirement for a certificate for a site, regardless of whether or not it asks, as part of the bookmark for that site?
boyd
On 6/20/08 11:36 AM, "Shawn Geddis" <email@hidden> wrote:
Fed-Talk *DoD* Mac Users,
A bit more detail for those interested:
Several servers are configured to accept (but not require) a client certificate which gives you different content depending on whether you have presented a certificate. In 10.5.3, Safari will prompt you to select the correct certificate -- but only if the certificate is *required* by the server (i.e. it returns an error.) We no longer automatically send the first certificate found to the site. In these cases, the users will need to manually configure an association between which Certificate (ID, Email Signing, Email Encryption) to use for the specific URL they are accessing due to the Server's configuration. We look to address the challenge of when servers are configured as *Optional* in a future release.
Related Change in 10.5.3 Safari:
• Fundamental changes within Mac OS X on how Client-side Certificates are handled
Safari, Mac OS X 10.5.3: Changes in client certificate authentication
http://support.apple.com/kb/HT1679
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden