Re: [Fed-Talk] Secure email with Mac and iOS
Re: [Fed-Talk] Secure email with Mac and iOS
- Subject: Re: [Fed-Talk] Secure email with Mac and iOS
- From: "Miller, Timothy J." <email@hidden>
- Date: Fri, 21 Oct 2011 19:30:08 +0000
- Thread-topic: [Fed-Talk] Secure email with Mac and iOS
Key recovery only refers to encryption certificates. Signature and
identity certificates are generated on the CAC and are not escrowed.
-- T
On 10/21/11 8:57 AM, "Sean Malone" <email@hidden> wrote:
>Colonel Fasano,
>
>DoD CAC cards will not allow exporting of certificates directly from
>them, per security measures. There is a bit specifically set when the
>cards are issued to prevent it.
>
>However, there is a DISA website you can go to for the "recovery" of the
>same certificates found on your CAC card. I'll send that to you in an
>off-list response when I locate it.
>
>Regards,
>
>Sean P. Malone - ACSA, CISSP
>Ironport Consulting Engineer - AKO
>Cisco - Advanced Services
>email@hidden
>Phone: 703.484.4067 <tel:703.484.4067>
>Mobile: 571.294.7287 <tel:571.294.7287> *
>Pager: 703.660.1130 <tel:703.660.1130>
>
>
>On Oct 21, 2011, at 8:40, "Fasano, John W COL RES USAR USARC"
><email@hidden> wrote:
>
>
>This is great, except that I can't seem to export the certificate in the
>correct format off the CAC card. Keychain Access reports an error.
>
>John W FasanoCOL, MS
>Chief of Ops & Admin
>228th Combat Support Hospital
>Mobile: 210-884-6673
>Blackberry: 316-239-9843
>E-Mail: email@hidden <blockedmailto:email@hidden>
>
>
>On Oct 19, 2011, at 12:45 PM, Todd Heberlein <email@hidden
><blockedmailto:email@hidden>> wrote:
>
>
>
>Not a bad article on securing your email. The whole process (including
>getting the certificate, getting it into your keychain, and (worse)
>getting it to your iOS device) still seems overly complicated, but after
>that it seems pretty painless.
>
>
>How to secure your e-mail under Mac OS X and iOS 5 with S/MIME
>http://arstechnica.com/apple/guides/2011/10/secure-your-e-mail-under-mac-o
>s-x-and-ios-5-with-smime.ars
><blockedhttp://arstechnica.com/apple/guides/2011/10/secure-your-e-mail-und
>er-mac-os-x-and-ios-5-with-smime.ars>
>
>
>Once you've installed a certificate under Mail on the Mac, you can then
>compose a message with a From: address that matches the e-mail address in
>the cert. Here, you have the option of encrypting and/or signing your new
>message. Encryption is toggled using a lock icon and signing with a
>checkmark icon. Note that these settings carry over to subsequent
>messages. Signing requires access to your private key, so depending on
>your keychain settings, you may have to type your password. Encrypting,
>on the other hand, (only) requires the certificate of the person you're
>e-mailing. Mail automatically adds all the certificates found in signed
>messages you've received to your keychain. So if you don't have someone's
>cert, just ask them to send you a signed message.
>
>
>
>
>Todd
>
>
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden
><blockedmailto:email@hidden>)
>Help/Unsubscribe/Update your Subscription:
>rmy.mil>
>
>This email sent to email@hidden
><blockedmailto:email@hidden>
>
>
>
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>
>This email sent to email@hidden
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>
>This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden