RE: [Fed-Talk] Deploying ActivClient software for Mac OS X 10.5.x
RE: [Fed-Talk] Deploying ActivClient software for Mac OS X 10.5.x
- Subject: RE: [Fed-Talk] Deploying ActivClient software for Mac OS X 10.5.x
- From: "Miller, Timothy J." <email@hidden>
- Date: Thu, 5 Aug 2010 16:51:02 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Deploying ActivClient software for Mac OS X 10.5.x
ActivIdentity's client is needed if you're planning to use their Token Management Service to do PKI initialization at the desktop; IIRC they use the BSI API for this function, which isn't supported by OS X natively.
-- Tim
>-----Original Message-----
>From: fed-talk-bounces+tmiller=email@hidden [mailto:fed-
>talk-bounces+tmiller=email@hidden] On Behalf Of Disiena,
>Ridley J. (GRC-VO00)[DB Consulting Group, Inc.]
>Sent: Thursday, August 05, 2010 3:13 PM
>To: Rich Trouton
>Cc: Fed Talk
>Subject: Re: [Fed-Talk] Deploying ActivClient software for Mac OS X
>10.5.x
>
>
>What size keys do you have on your PIV Certificates? If you have 1024
>you should be able to use the native PIV.tokend in 10.5.x. 2048 is not
>natively supported, Apple has only fixed that in the PIV.tokend in
>10.6.x. See here for more info on key sizes:
>
>http://smartcardservices.macosforge.org/trac/ticket/4
>
>Note: Federal issuers are required to issue all new certificates with
>2048 size keys after 12-31-2009.
>
>A note on ActivClient 3.0.x: You may wish to test it for the uses of
>the PIV cards you have. We have found that it fails TLS 1.0 mutual,
>client and server side, authentication using the ActiveIdentity.tokend
>with web applications via Safari. It also appears to be and end of life
>commercial software product, there is no ActiveClient for 10.6.x and no
>official word if there will ever be such a product.
>
>-Ridley
>
>On Aug 5, 2010, at 3:28 PM, Rich Trouton wrote:
>
>
> I'm looking into deploying ActivClient 3.0.x software for our
>10.5.x
> Macs using Absolute Manage (formerly LANrev), as part of meeting a
> 12-31 deadline for having PIV card middleware installed on our
> computers.
>
> Has anyone installed the ActivClient software remotely? If so,
>what
> gotchas have you seen?
>
> Thanks,
> Rich
>
> ---
>
> Rich Trouton (Contractor)
> LAN Support
> email@hidden
> -----------------------------------------------------------
> National Human Genome Research Institute
> National Institutes of Health - Bethesda, MD
>
> Office number:
> (240) 506-7993
>
> NIH Help Desk:
> (301) 496-4357
>
> NIH support request website:
> http://ithelpdesk.nih.gov/Support/
>
> The best way to get in touch with me is through email.
>
>
>
> <smime.p7s><ATT00001..txt>
>
>
>Ridley DiSiena
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden