Re: [Fed-Talk] CAC only sign on
Re: [Fed-Talk] CAC only sign on
- Subject: Re: [Fed-Talk] CAC only sign on
- From: Henry B Hotz <email@hidden>
- Date: Thu, 27 Mar 2014 11:11:04 -0700
On Mar 27, 2014, at 10:54 AM, "Shawn A. Geddis" < email@hidden> wrote: On Mar 26, 2014, at 11:11 AM, "Bell, Ian F CTR NAWCAD, 7.2.4” < email@hidden> wrote: Great, how do they sign in to File vault then?
FileVault 2 (FDE) does not support the use of a Hardware Token (ie. Smart Card) for unlocking of your encrypted volume. This capability would actually require a kernel boot all the way up to and including the loading of CDSA within the confines of EFI.
Probably only the Federal space would be really interested, but *I* think it would be fun.
No it's not trivial because there's a lot of stuff you'd need to reimplement. No offense to Apple, but I'd start with OpenSC, or some hardware vendor's EFI code if I could get it.
And I'm getting off-topic because this isn't a development list. Sorry. Replies should be off-list.
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden