Re: [Fed-Talk] re: OpenSSL on OS X old?
Re: [Fed-Talk] re: OpenSSL on OS X old?
- Subject: Re: [Fed-Talk] re: OpenSSL on OS X old?
- From: "Timothy J. Miller" <email@hidden>
- Date: Wed, 13 May 2009 10:54:48 -0500
Gillett, Thomas J. (CMS/CTR) wrote:
A niche, I disagree our laptops are MANDATED to be fully encrypted, and
I'm certain many other federal facilities will as well.
Federally-owned systems comprise what proportion of the workstation and
laptop market?
Also, implementation, deployment, and management requirements vary
greatly between FDE deploying organizations. What works for Army won't
work for AF, and what would work for both won't work for DoE.
That's what makes FDE a better fit for third-party developers.
As for CAC , in windows if you take a recently issued smartcard
(PIV-II) and put it in a new machine , you will at least get a prompt
to enter your pin. In my experience , OS X Does not seem to even
> recognize the card at the login screen , it still asks for a user name
> and password.
There was a *whole mess* of deployment and configuration that went into
making that work on Windows. Middleware had to be bought and installed,
the domain had to be configure to enable smartcard logon, *and your
account had to be modified*.
To expect OS X smartcard logon to function without similar effort is not
reasonable. Apple makes one thing easy for you in that you don't need
to buy, test, and deploy PIV middleware; but you still need to enable
the account. Apple has supplied everything you need for *you* to turn
on PIV logon to *local* accounts; if you haven't done so, why is this
Apple's fault?
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden