Re: [Fed-Talk] Secure email with Mac and iOS
Re: [Fed-Talk] Secure email with Mac and iOS
- Subject: Re: [Fed-Talk] Secure email with Mac and iOS
- From: "Miller, Timothy J." <email@hidden>
- Date: Mon, 24 Oct 2011 12:40:42 +0000
- Thread-topic: [Fed-Talk] Secure email with Mac and iOS
On 10/24/11 7:10 AM, "Michele Thomas" <email@hidden> wrote:
>How do you deliver the key to the iOS device? With a BlackBerry it's over
>a wired connection. But in the Good solution don't you have to do it over
>the air? Doesn't that violate PKI policy?
Good supports the CAC and PIV, so the only key delivery is the device
enrollment key used to bind the iOS application to the enterprise
management server. There is an enrollment ceremony for this, but I don't
know all the details.
Good supports the CAC using the Apriva Bluetooth smartcard reader and a
*separate* Bluetooth module that plugs into the dock port. The reader
requires its own key establishment because Bluetooth security stinks on
ice, so an additional software encryption layer is required. There's an
enrollment ceremony for this too, but again, I don't know all the details.
The Blackberry delivery you refer to is only the email encryption key. In
the DoD this method is no longer supported, as RIM supports the CAC with
its own Bluetooth smartcard reader. DoD Blackberry users are expected to
use their CACs for device unlock, email signing, and encryption. There's
a DTM on this, but I can't find it at the moment.
-- T
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden