Re: [Fed-Talk] Secure email with Mac and iOS
Re: [Fed-Talk] Secure email with Mac and iOS
- Subject: Re: [Fed-Talk] Secure email with Mac and iOS
- From: Paul Nelson <email@hidden>
- Date: Mon, 24 Oct 2011 09:35:56 -0500
Bimetric Associates Blutooth Reader FAQ:
http://www.biometricassociates.com/reader-faq.html
On Oct 24, 2011, at 7:46 AM, Michele Thomas wrote:
> How does the use of Bluetooth reconcile with the PKI Certificate Policy?
>
> Michèle Thomas
> U.S. Dept. of Energy
>
>
> On Oct 24, 2011, at 8:40, "Miller, Timothy J." <email@hidden> wrote:
>
>> On 10/24/11 7:10 AM, "Michele Thomas" <email@hidden> wrote:
>>
>>> How do you deliver the key to the iOS device? With a BlackBerry it's over
>>> a wired connection. But in the Good solution don't you have to do it over
>>> the air? Doesn't that violate PKI policy?
>>
>> Good supports the CAC and PIV, so the only key delivery is the device
>> enrollment key used to bind the iOS application to the enterprise
>> management server. There is an enrollment ceremony for this, but I don't
>> know all the details.
>>
>> Good supports the CAC using the Apriva Bluetooth smartcard reader and a
>> *separate* Bluetooth module that plugs into the dock port. The reader
>> requires its own key establishment because Bluetooth security stinks on
>> ice, so an additional software encryption layer is required. There's an
>> enrollment ceremony for this too, but again, I don't know all the details.
>>
>> The Blackberry delivery you refer to is only the email encryption key. In
>> the DoD this method is no longer supported, as RIM supports the CAC with
>> its own Bluetooth smartcard reader. DoD Blackberry users are expected to
>> use their CACs for device unlock, email signing, and encryption. There's
>> a DTM on this, but I can't find it at the moment.
>>
>> -- T
>>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden