Re: [Fed-Talk] Secure email with Mac and iOS
Re: [Fed-Talk] Secure email with Mac and iOS
- Subject: Re: [Fed-Talk] Secure email with Mac and iOS
- From: Michele Thomas <email@hidden>
- Date: Mon, 24 Oct 2011 08:46:00 -0400
How does the use of Bluetooth reconcile with the PKI Certificate Policy?
Michèle Thomas
U.S. Dept. of Energy
On Oct 24, 2011, at 8:40, "Miller, Timothy J." <email@hidden> wrote:
> On 10/24/11 7:10 AM, "Michele Thomas" <email@hidden> wrote:
>
>> How do you deliver the key to the iOS device? With a BlackBerry it's over
>> a wired connection. But in the Good solution don't you have to do it over
>> the air? Doesn't that violate PKI policy?
>
> Good supports the CAC and PIV, so the only key delivery is the device
> enrollment key used to bind the iOS application to the enterprise
> management server. There is an enrollment ceremony for this, but I don't
> know all the details.
>
> Good supports the CAC using the Apriva Bluetooth smartcard reader and a
> *separate* Bluetooth module that plugs into the dock port. The reader
> requires its own key establishment because Bluetooth security stinks on
> ice, so an additional software encryption layer is required. There's an
> enrollment ceremony for this too, but again, I don't know all the details.
>
> The Blackberry delivery you refer to is only the email encryption key. In
> the DoD this method is no longer supported, as RIM supports the CAC with
> its own Bluetooth smartcard reader. DoD Blackberry users are expected to
> use their CACs for device unlock, email signing, and encryption. There's
> a DTM on this, but I can't find it at the moment.
>
> -- T
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden