RE: [Fed-Talk] iPhone/iPad CAC
RE: [Fed-Talk] iPhone/iPad CAC
- Subject: RE: [Fed-Talk] iPhone/iPad CAC
- From: "Miller, Timothy J." <email@hidden>
- Date: Mon, 10 May 2010 11:51:52 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] iPhone/iPad CAC
>The real problem was with the completely locked down security
>architecture of the iPhone OS. This prevents my card reader /
>middleware from being useful to any other iPhone apps. I would have had
>to write a web browsing app, and an e-mail client for the iPhone. My
>solution would not help with VPN either.
This is true for anyone wanting to sell a smartcard *framework* within the *app* model. You could, however, sell a smartcard framework to app developers (similar to the FIPS 140 cryptomodule discussed last week) who would then sell smartcard-enabled apps.
The walled garden approach is not a deal-breaker. In some ways, it can be an enabler. E.g., it might enable gov't to run an approved app on personally-owned iPhones &c. without the normal run of security concerns because the gov't data and access is all kept within the application sandbox.
-- Tim
>-----Original Message-----
>From: Paul Nelson [mailto:email@hidden]
>Sent: Monday, May 10, 2010 10:37 AM
>To: Fed Talk
>Cc: Miller, Timothy J.; Peter Link; Arendt, Christopher D Capt USAF AETC
>AFLMA/LGY
>Subject: Re: [Fed-Talk] iPhone/iPad CAC
>
>Last year at WWDC, I looked into what it would take to get a CAC to work
>with the iPhone. I concluded that it was not going to be workable,
>although it would be possible. The reason for giving up on this had
>nothing to do with how to get a card reader attached. The iPhone
>hardware program would work with a vendor to make that possible.
>
>The real problem was with the completely locked down security
>architecture of the iPhone OS. This prevents my card reader /
>middleware from being useful to any other iPhone apps. I would have had
>to write a web browsing app, and an e-mail client for the iPhone. My
>solution would not help with VPN either.
>
>To summarize, getting a vendor to work with Apple on a card reader
>solution is going to be a waste of time unless there is a way for that
>card reader to work within the security architecture of the iPhone OS.
>On the Mac OS this has been taken care of with pcscd and Tokend software
>integrating a smart card and reader into the Keychain.
>
>Paul Nelson
>Thursby Software Systems, Inc.
>
>On May 10, 2010, at 8:44 AM, Arendt, Christopher D Capt USAF AETC
>AFLMA/LGY wrote:
>
>> Frankly, I've been holding my breath since I saw the BlueTooth OmniKey
>> 2061 back in September...still waiting.
>> Maybe I should write them a nice letter, guaranteeing them they'll
>sell
>> at least a dozen if they make it iPhone ready ;-)
>>
>> http://www.hidglobal.com/prod_detail.php?prod_id=369
>>
>> The Mac OS X driver has been "in preparation" since the first time I
>saw
>> this thing. I check back every day, but still no update.
>> Hope springs eternal...
>>
>> http://www.hidglobal.com/driverDownloads.php?techCat=19&prod_id=369
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden