Re: [Fed-Talk] PIV-II usage on Macs
Re: [Fed-Talk] PIV-II usage on Macs
- Subject: Re: [Fed-Talk] PIV-II usage on Macs
- From: "Miller, Timothy J." <email@hidden>
- Date: Fri, 13 Feb 2009 09:35:27 -0500
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] PIV-II usage on Macs
On 2/12/09 7:20 PM, "Paul Nelson" <email@hidden> wrote:
> There are many other issues that you will encounter once you have gotten
> your first login to work using a smartcard. Here are some things to keep in
> mind:
> 1) Configuring certificates in the GAL so other users can send you encrypted
> e-mail. You'll want to be able to do this without needing a PC!
That's not all that hard. Stuff the DER-encoded encryption cert into
userCertificate, delete userSMIMECertificate, and make sure you push an
Office GPO that includes minimum encryption setting of 168 (this locks out
weak algorithms for S/MIME). Could do it with a script. :)
> 6) Rights elevation (like the windows runas or Apple's sudo) with only a
> smartcard (no password)
Doesn't this work already?
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden