Re: [Fed-Talk] Oberthur ID One 128 v5.5 cards
Re: [Fed-Talk] Oberthur ID One 128 v5.5 cards
- Subject: Re: [Fed-Talk] Oberthur ID One 128 v5.5 cards
- From: Dave Schroeder <email@hidden>
- Date: Fri, 13 May 2011 10:32:36 -0500
Disagree...I don't want another client layered on top of the OS.[1] And on Windows 7, you don't even need ActivClient, because the integrated Smart Card functionality in Windows 7 works with everything I've tried. Granted, ActivClient can do "more" stuff in terms of manipulating the card, but the vast majority of users don't care about and/or need that functionality.
- Dave
[1] What I mean is, I prefer something tightly integrated with, and a part of, the OS.
On May 13, 2011, at 10:17 AM, Bob Colbert wrote:
> This may be another over-simplification of things, but since ActivClient
> on Windows seems to work with everything, how come Apple doesn¹t just
> license it and drop it in? I recall reading that ActivClient used to have
> a Mac client, but Im not sure why they stopped making it.
>
> Currently, I have to use ActivClient on Windows to mate the private keys
> with the certs from the ECA vendor to set up a new user. Everything that
> has been discussed thus far on this list for using CAC (or any Smart Card)
> on a Mac, has just been the usage of the cards in the OS, not the
> initialization/creation of them.
>
>
> The cost of ActivClient for Mac would be relatively small to ensure that
> it just works rather than have to keep posting to this list ;-)
>
> Thanks,
>
> Bob Colbert
> DE Technologies, Inc.
>
>
>
> On 5/13/11 10:31 AM, "Miller, Timothy J." <email@hidden> wrote:
>
>> On May 13, 2011, at 8:04 AM, Bob Colbert wrote:
>>
>>> Im not a programmer by any means, but if I were, it would seem that
>>> adjusting the source code for the card reading profile with the built-in
>>> Mac tokends to actually parse the certificates would be something that
>>> takes an hour or so.
>>
>> ECA smartcards are actually a different data model than the CAC and PIV,
>> though IIRC the vendors are migrating to PIV-Compatibility. So
>> supporting these cards needs a completely different tokend, not a tweak
>> to existing code.
>>
>> The reason the card shows up is because the underlying cardstock is
>> recognized by (at least one) tokend, but since the data model is
>> different it won't actually work. This is a legacy of the days when
>> every card had a unique data model, which meant that "overlaps" never
>> occurred and the ATR code could be used to select appropriate drivers.
>> Today, card abstraction layers (SP800-73, GSC-IS 2.1, JCOP, etc.) mooted
>> this method (one ATR could map to an infinite number of data models), but
>> this doesn't mean that the various software stacks grok it properly.
>>
>> -- T
>>
>>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden