Re: [Fed-Talk] bug in SmartCard implementation
Re: [Fed-Talk] bug in SmartCard implementation
- Subject: Re: [Fed-Talk] bug in SmartCard implementation
- From: Boyd Fletcher <email@hidden>
- Date: Fri, 26 Sep 2008 13:41:57 -0400
- Thread-topic: [Fed-Talk] bug in SmartCard implementation
Title: Re: [Fed-Talk] bug in SmartCard implementation
so rebuild the cache in initial use after each reboot. problem solved.
requiring root to have to clean up the cache files certainly is not an acceptable solution – especially for an operating system that prides itself on usability.
On 9/26/08 1:20 PM, "Richard Murphy" <email@hidden> wrote:
On Sep 26, 2008, at 10:10 AM, Boyd Fletcher wrote:
> removing during reboot would be trivial. just add a rm –f /var/db/
> TokenCache/tokens/* to /etc/rc
If all we worried about was CAC and the DoD that would work. As a
local change you guys could do that.
> I think the best behavior is just to turn off caching or provide a
> option in keychain to turn off caching.
For your particular case that might work. If someone in the DoD
wanted to write their own CAC tokend they could have it work any way
they want.
> Why was smartcard caching even implemented. Is it really that much
> of a performance increase?
We do a lot of searches across keychains (Smart Cards are just another
keychain to us) for certificates. Smart Cards transfer data over a
slow serial interface.
- murf
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden