Shawn,
I may sound like a total tool here, but I don’t quite get why CAC or any SmartCard support is so hard. I posted about my particular ECA certificate card on the SourceForge SmartCard site in the bug fix area. I think you responded to me previously that it has something to do with parsing the profile, etc. I believe you responded that it was a matter of updating a section of the tokend code to adjust it, and it would take awhile to address it.
I know there is an acronym soup governing these things, but I guess I tend to look at this stuff as a black box. All of the basic internet services (DNS, DHCP, et.al) have RFCs governing their use, but fortunately the end-user is blissfully unaware of them because Apple (and other OS vendors) do a good job of just making it work.
Arent all of the different CACs and SmartCards just parsing something a little differently based on the byte layout or something? I write a lot of single use code in Excel, VB, Fortran, etc. for parsing text files and such for scientific computing. Once a overall framework is setup, isnt the parsing of the different CAC/Smart Cards just formatting the read statements a little differently? I am probably oversimplifying things a lot, but I guess my point is that the end-user shouldn’t have to think about the details of these things when all they want to do is connect to websites, and sign/encrypt emails with their CAC/Smart Card. The current situation is very un-Mac like.
The SmartCard issues cant be any harder than a lot of the problems developed and overcame for the current release of Lion. So my only conclusion is that it has to be a resource allocation/cost benefit issue to fix the current situation. Apple usually goes consumer first and does a great job of putting an ecosystem together. Believe me, I have a ton of Apple gear at home that I love. I guess solving the CAC/SmartCard issue perhaps isnt worth the money to solve for an admittedly much smaller audience than the entire consumer market segment.
I would digitally sign this email, but I would have to boot up my VMWare Fusion with XP in it to do so. ;-)
Bob Colbert
DE Technologies, Inc.