The camera USB kit works with USB drives and keyboards in addition to cameras
As for 3rd party, approach i disagree. Basic smartcard services should be part of the core o/s so that there are consistent implementations. That is was one of great features of mac o/s. All apps have a strong well engineered security infrastructure to use. IMO, with few exceptions, when 3rd party app devs implement that level of security they usually screw it up.
Boyd Fletcher M: 757.535.8190 O: 410.854.4064 Sent from my iPhone.
On May 10, 2010, at 11:58, "Shawn A. Geddis" < email@hidden> wrote: Boyd,
On May 10, 2010, at 11:45 AM, Boyd Fletcher wrote: I tried connecting a scr-331 to my ipad with the USB camera connect kit . No luck , o/s responded with unknown USB device
The "USB Camera Kit" is for ... "a Camera"... and requires corresponding services running on the iPhone to recognize and handle the attaching of Camera devices to the connector.
So apple needs to port over tokend and related software so that developers can access smartcard readers. Since apple has already done all the hard work for macos it should be straight forward for iPhone o/s.
Ah, in short, no. "Smart Cards as Keychains" concept in Mac OS X is based largely on CDSA - Common Data Security Architecture which is not and will never be brought over to the iPhone. It is a sizable architecture (~1100 APIs) and one that will not be running as part of the iPhone OS.
Apple could technically, but does not currently provide the equivalent service on iPhone OS. That said, there is no reason why any Third-party cannot provide their own solution as just noted by Tim Miller.
This is true for anyone wanting to sell a smartcard *framework* within the *app* model. You could, however, sell a smartcard framework to app developers (similar to the FIPS 140 cryptomodule discussed last week) who would then sell smartcard-enabled apps.
The walled garden approach is not a deal-breaker. In some ways, it can be an enabler. E.g., it might enable gov't to run an approved app on personally-owned iPhones &c. without the normal run of security concerns because the gov't data and access is all kept within the application sandbox.
-- Tim
-Shawn __________________________________________________ Shawn Geddis email@hiddenSecurity Consulting Engineer email@hiddenMacOSForge Project Lead: Smart Card Services Web: http://smartcardservices.macosforge.org/ Lists: http://lists.macosforge.org/mailman/listinfo__________________________________________________
On May 10, 2010, at 9:35, "Miller, Timothy J." <email@hidden> wrote: Not without an unrestricted USB port on the mobile i-devices. It remains to be seen what else can be done with the camera connection kit.
However, we also have the added problem that some smartcards and/or smartcard readers require 5V. IIRC, the dock connector only does 3V. This isn't insurmountable (put a battery in the reader) but it does make life harder for the vendor, who now needs to produce software *and* hardware, not just software. This is a considerable barrier to entry for what really is a niche product.
I was thinking more along the lines of the missing BT HID profiles in the iPhone/iPod.
-- Tim
-----Original Message-----
From: Peter Link [mailto:email@hidden]
Sent: Monday, May 10, 2010 8:27 AM
To: Miller, Timothy J.
Cc: 'Shawn A. Geddis'; Nichols, Jared - 1160 - MITLL; Fed Talk
Subject: Re: [Fed-Talk] iPhone/iPad CAC
Is the SCR3500 mobile enough?
http://www.scmmicro.com/en/products-services/smart-card-readers-
terminals/smart-card-reader/scr3500.html
I bought one through Holman's for less than $20. It collapses into a
package 1-7/8 L x 3/4 W x 7/16 D. I can't say the camera/USB connector
will work with this device but it does work on my regular Mac.
On May 10, 2010, at 6:18 AM, Miller, Timothy J. wrote:
The 'slow' part is there's no mobile smartcard reader available, but
that's not (entirely) Apple's fault (since iPhone 3, anyway).
IMHO, a vendor like Good Technologies would be a better place to
hammer on this particular podium.
-- Tim
-----Original Message-----
From: fed-talk-bounces+tmiller=email@hidden [mailto:fed-
talk-bounces+tmiller=email@hidden] On Behalf Of Shawn A.
Geddis
Sent: Friday, May 07, 2010 2:58 PM
To: Nichols, Jared - 1160 - MITLL
Cc: Fed Talk
Subject: Re: [Fed-Talk] iPhone/iPad CAC
On May 5, 2010, at 2:01 PM, Nichols, Jared - 1160 - MITLL wrote:
Oh I understand that, I just meant that Apple seems slow (if it's
moving at all) to support smartcards more than they do, that's all.
Interesting statement considering that Apple is the only OS vendor
providing you with out-of-the-box support for the US Federal
Government
Smart Cards (CAC/PIV, with CACNG emerging). Because there is not a
physical slot in your MacBook Pro does not mean that Apple is Slow or
not supporting Smart Cards.
Please clarify the foundation of your statement.
- Shawn
_____________________________________________________
Shawn Geddis - Security Consulting Engineer - Apple Enterprise
|