[Fed-Talk] bug in SmartCard implementation
[Fed-Talk] bug in SmartCard implementation
- Subject: [Fed-Talk] bug in SmartCard implementation
- From: Boyd Fletcher <email@hidden>
- Date: Fri, 26 Sep 2008 11:51:21 -0400
- Thread-topic: bug in SmartCard implementation
Apple Folks:
apparently there is a nasty bug in Tiger and Leopard related to the way
smartcard tokens are cached. Apparently the cache is persistent through
reboots. Its my understanding that if you provide a SmartCard that the
tokens are cached in /var/db/TokenCache/tokens and it requires root to
delete them. This is a big problem in DOD when a user changes the email
address on their CAC. The new certs are not processed by MacOS. We have
experienced this problem with a bunch of users lately and its is very
frustrating.
I can somewhat see the value in some caching, but caches like that should
never persistent through reboots and probably not through logon/logoff
cycles.
This really should be fixed. Requiring root to clean the cache this is a bad
thing.
boyd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden