[Fed-Talk] Fixing SmartCard support in MacOSX
[Fed-Talk] Fixing SmartCard support in MacOSX
- Subject: [Fed-Talk] Fixing SmartCard support in MacOSX
- From: Boyd Fletcher <email@hidden>
- Date: Tue, 23 Sep 2008 09:58:32 -0400
- Thread-topic: Fixing SmartCard support in MacOSX
Judging by all the email still circulating on CAC/PIV support in MacOS X,
its pretty clear that its not working reliably and the process to get it
working is far from intuitive for normal users.
Some suggestions based on my experiences and several others in the office.
1. add ability to do wildcards or better yet make the software assume all
URLs derived from the base URL provided will use that certificate (you could
have a check box for that). finding the exact URL is not something most
users will get right and is certainly not user friendly.
2. Add "File->New Identity Preference" to the KeyChain menu. Burying it by
right clicking on a certificate is not very user friendly.
3. Add a right click setting in Safari and a menu option to set the "ID
Preference" for a website for the current URL
4. In "New Id Preference" dialog, you can't tell which CAC certificate is
which. users need to be able to tell which is ID, email sign, email encrypt.
5. Better yet, provide a UI in Safari to so that users can manage URLs that
require certificates and provide a mechanism to assign which certificate to
use for that web site. Certificates would then be sent to that web site
regardless of whether or not it asks so long as https is used. If this UI
updates the Key Chain then thats even better.
boyd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden