Re: [Fed-Talk] CAC Patch 1.2 help requested
Re: [Fed-Talk] CAC Patch 1.2 help requested
- Subject: Re: [Fed-Talk] CAC Patch 1.2 help requested
- From: Paul Nelson <email@hidden>
- Date: Mon, 22 Sep 2008 10:02:29 -0500
- Thread-topic: [Fed-Talk] CAC Patch 1.2 help requested
The spec you reference only applies to WINTEL environments per section 1.4
(Document Scope)
Do you think a newer version will expand the scope to non WINTEL platforms?
Do you know who might be working on a spec that would apply to non-WINTEL
environments?
Paul Nelson
Thursby Software Systems, Inc.
> From: "Timothy J. Miller" <email@hidden>
> Date: Mon, 22 Sep 2008 07:56:54 -0500
> To: "Shawn A. Geddis" <email@hidden>
> Cc: Ben Dugas <email@hidden>, Apple Fed Talk <email@hidden>
> Subject: Re: [Fed-Talk] CAC Patch 1.2 help requested
>
> Shawn A. Geddis wrote:
>
>> We provide the ability to unlock the Smart Card via Keychain Access, but
>> there is no need to. Anytime the OS services need to use your Private
>> Key on the card or display the PIN protected data on the card, you would
>> be prompted for the Smart Card's PIN (It will ask for the Keychain's
>> Password -- and since the Smart Card is a Keychain, the PIN == Password
>> referenced in the Dialog). As long as you do not remove the Smart Card,
>> you will not be prompted again for the PIN.
>
> A note for Shawn and the policy wonks: This is contrary to the DoD
> Middleware Requirements Release 3.0, Section 4.12.1.2:
>
> """
> 4.12.1.2 Middleware shall have the ability to set the amount of
> inactivity time, which should elapse before the card requires a PIN
> entry. Inactivity time shall be defined as the amount of time elapsed
> since the last time a PIN-protected area on the CAC was accessed
> """
>
> Don't panic: the spec is being revised, so who knows what 4.0 will say.
> ;)
>
> -- Tim
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden