Re: [Fed-Talk] Q on CAC on iOS
Re: [Fed-Talk] Q on CAC on iOS
- Subject: Re: [Fed-Talk] Q on CAC on iOS
- From: Bob Colbert <email@hidden>
- Date: Fri, 10 Sep 2010 14:27:04 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Q on CAC on iOS
Tim,
I talked a salesperson at Good a few months ago and they were forwarding my
questions to their engineering staff about their PKI-enabled iOS product
coming soon. This was a few months back and no one could answer if they
were going to enable Smart Card access for the certs. I suspected that they
were originally going to support software certificates initially. But if
they want to crack into the government market, they obviously will have to
support CAC/PIV-type cards.
I asked if they were going to support Smart Cards via that Bluetooth reader
I saw people on this list had referenced or go with some sort of sled
design. I would be ok with either. The sled for the iPhone wouldn't be too
much of a hassle, but the iPad would be another story.
I am looking forward to this product release and have recently asked for an
update to their release schedule for this product, but havent heard back.
Please update this list as you find out additional info or else email me
directly.
Thanks,
----
Bob Colbert
DE Technologies
On 9/10/10 11:33 AM, "Miller, Timothy J." <email@hidden> wrote:
> FWIW, I had a meeting with Good Technologies this week, and they're bringing a
> PKI-enabled version of their software suite to the iOS platform soon, rapidly
> to be followed up with a version that supports smartcards. Only notional
> dates were given (which I decline to repeat) and I'm not under an NDA so this
> is effectively public information.
>
> Some interesting tidbits:
>
> - The in-app webkit browser will have client PKI authentication.
>
> - No support for the Document Sharing API for information security reasons, so
> they're going to run a mobile Office suite *inside* their application sandbox.
>
> - Jailbreak and root detection; the app won't install on jailbroken or rooted
> platforms, and will wipe itself if the app detects either after installation.
>
> - The app will erase itself if it's prevented from communicating to the user's
> provisioning service (the length of this grace period is configurable) as a
> self-defense measure.
>
> No demos as the meeting was an opportunistic one (the engineer was nearby
> meeting with another org on a different topic), but still good information.
>
> -- Tim
>
>
>> -----Original Message-----
>> From: fed-talk-bounces+tmiller=email@hidden [mailto:fed-
>> talk-bounces+tmiller=email@hidden] On Behalf Of Shawn A.
>> Geddis
>> Sent: Thursday, September 09, 2010 3:05 PM
>> To: Erik W. van Bronkhorst
>> Cc: Fed-talk
>> Subject: Re: [Fed-Talk] Q on CAC on iOS
>>
>> On Sep 9, 2010, at 2:55 PM, Erik van Bronkhorst wrote:
>>> Any idea if CAC will ever work with iOS devices such as the iPad or
>> iPhone ?
>>
>>
>> This question has been asked / answered quite a number of times, but I
>> know there has been a large number of new members to the list, so I'll
>> give the 30-second update on this...
>>
>> iOS (as of v4.1) does not provide built-in Smart Card Services nor does
>> it provide support for an attached reader. However, starting with the
>> release of the first SDK and then the Dev access to the 30-PIN &
>> Bluetooth [1] which was made available at the release of the iPhone SDK
>> 3.0 - July 2009, ANY Developer has the independent capability of
>> building in support to their application for almost any hardware
>> attachment built to the MFI (Made for iPhone/iPad/iPod) specifications.
>>
>> Lots of activity from third parties on this, but nothing publicly
>> announced as of today.
>>
>> - Shawn
>> [1] http://developer.apple.com/programs/mfi/
>> _____________________________________________________
>> Shawn Geddis - Security Consulting Engineer - Apple Enterprise
>>
>>
>>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden