• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.

  • Subject: Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
  • From: "Levine, Jason (NIH/NCI) [E]" <email@hidden>
  • Date: Wed, 20 Jun 2018 16:19:41 +0000
  • Thread-topic: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
But... how? Again, all documentation I can find (I've re-checked since my
earlier email) says that BitLocker does *not* support pre-boot authentication
with smartcards... it only allows smartcard decryption for removable drives and
non-system data drives (e.g., smartcard decryption *after* the full OS has
loaded, and critically, has loaded full support for the smartcard
driver/support stack).

Jason


Jason Levine, email@hidden
NCI CCR Associate Director for IT & Clinical Informatics
NCI CCR Pediatric Oncology Branch
(240) 276-5557

On 6/20/18, 12:04 PM, "Jacob, Raymond A Jr. CIV SPAWARSYSCEN-ATLANTIC, 59530"
<email@hidden> wrote:

    pre-boot
    >> Are you using PIV at bitlocker pre-boot environment <<

    -----Original Message-----
    From: Lamb, John (NIH/NIDCD) [E] [mailto:email@hidden]
    Sent: Wednesday, June 20, 2018 11:05 AM
    To: Jacob, Raymond A Jr. CIV SPAWARSYSCEN-ATLANTIC, 59530
<email@hidden>
    Subject: [Non-DoD Source] Re: [Fed-Talk] Shawn Geddis, Can you help a
brother out? issue: Macs at my office are going away because PIV/CAC
authorization not supported at boot up i.e. like bitlocker.

    Are you using PIV at bitlocker pre-boot environment, or are they allowing
pre-boot bypass and relying on PIV login at the windows login window?
Because... that’s less secure than FV2 + PIV login at login window.

    Thanks!

    John Lamb
    IT Specialist (Information Security)
    Information Systems Management Branch
    National Institute on Deafness and Other Communication Disorders
    240-688-7017
    email@hidden
    http://www.nidcd.nih.gov

    On 6/20/18, 10:55 AM, "Jacob, Raymond A Jr. CIV SPAWARSYSCEN-ATLANTIC,
59530" <email@hidden> wrote:

        Shawn:
                Macs at my office are going away because PIV/CAC authorization
not supported at boot up i.e. like bitlocker.

        New Girl help a brotha out
        https://www.youtube.com/watch?v=7szxqhSCgOw

        Thank you
        Raymond

        PS: I think the next battle front is TPM vs SEP but that fight is for
another day.

         _______________________________________________
        Do not post admin requests to the list. They will be ignored.
        Fed-talk mailing list      (email@hidden)
        Help/Unsubscribe/Update your Subscription:

        This email sent to email@hidden


     _______________________________________________
    Do not post admin requests to the list. They will be ignored.
    Fed-talk mailing list      (email@hidden)
    Help/Unsubscribe/Update your Subscription:

    This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
      • From: "Miller, Timothy J." <email@hidden>
References: 
 >Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker. (From: "Jacob, Raymond A Jr. CIV SPAWARSYSCEN-ATLANTIC, 59530" <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
  • Next by Date: Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
  • Previous by thread: Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
  • Next by thread: Re: [Fed-Talk] Shawn Geddis, Can you help a brother out? issue: Macs at my office are going away because PIV/CAC authorization not supported at boot up i.e. like bitlocker.
  • Index(es):
    • Date
    • Thread