[Fed-Talk] RE: DoD ECA Certificates - Hardware vs Software with the Mac
[Fed-Talk] RE: DoD ECA Certificates - Hardware vs Software with the Mac
- Subject: [Fed-Talk] RE: DoD ECA Certificates - Hardware vs Software with the Mac
- From: "Miller, Timothy J." <email@hidden>
- Date: Mon, 10 May 2010 09:50:05 -0400
- Acceptlanguage: en-US
- Thread-topic: DoD ECA Certificates - Hardware vs Software with the Mac
>* Is this middleware still required using Mac 10.6.3? Previous
>posts by Shawn Geddis from Apple seem to apply that everything is
>provided for within the Mac OS.
This depends on the cards. If the ECA card data follows CAC or PIV, you should be fine (presuming no bugs). I don't have an ECA vendor card (I test primarily CACs, PIVs, and PIV-compatibles) so I don't know for sure. Since CAC uses card applets initially developed by ActivIdentity, it may be a CAC-model card.
>* The ECA vendor seemed to imply that the current version of
>ActivClient is not ready for Snow Leopard.
Yes and no. Card personalization has issues on SL (though these may be resolvable, I've been working with AI CMS lately and will know more this afternoon), but the ACTIVCARD.tokend process appears to run. I've not gotten past trying to get personalization to work, though, so there may be issues beyond this. However, if the card data model is CAC or PIV compatible, you shouldn't need the AI provided tokend.
>* Does this middleware impact the logon process or just when I want
>to sign/encrypt emails?
Only if you want it to.
>* Does this middleware interface properly with either Mac Mail or
>Microsoft Entourage or again, is this middleware redundant?
Both play with CDSA (mostly) properly. Entourage uses an older keychain trust model, but it's not insurmountable.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden