Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
- Subject: Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
- From: "Neely, Lee via Fed-talk" <email@hidden>
- Date: Fri, 9 Feb 2024 17:10:36 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=llnl.gov; dmarc=pass action=none header.from=llnl.gov; dkim=pass header.d=llnl.gov; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iqu08D6JbLW9F8agH4zumVfhXENkEAb0nrYZPdE132w=; b=GIXjrfc1IYZGTHX1ybXdiZSU7E+YLuVWovn7VZtNV9SjzBjVDj81TSKvQD0eikUNy49ANEX0g82w9pWBNQ99XQCO4xeE6owEb7kysKPDIavjKZWmxjGTyvOykhlKSxv5fdPufkug0TnZ91tplDMRuqABpM+nCE89ySHdFkYEooRoweHEqU69km5G3DzsRwVal96Z5d2U7g4CFreuSEzyh5xqmam1ZzLWu1fGHt6MU77uf8gD46Vd9tHRvW8SknBI50aezS4ctUzuE+YX5fqY0lcA+bjeExsi93avqBkW43tvhdIPIA0WVMRo++AiC/VKjJ189RJSQH9sS+ev/eE/qQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GTxvRJgLJ5f9Upa8BkRFpwOV3DDY5E1AKRIQQQ3AvnIm3xEBiW852R6exNx2+iD/lI4gRjrZ5mUTZ1LR+lT5DimxGSpiGBktcweMaXc4BtXF/1j3dqdOQUeCAWmtLtGpqUGIyd+y6BZQqwLDo/4LZ1T7AbnGSOZbQGWg6L2oX71Hp84r1xI+4qEeqkaJn+/8KjBqDldnCFovxLh5hBz4EyLnMMezdqfylxS1sQ3BPY0gSak/qag2Ey14OsCPRqezU6wVWrs0CFX11D6ZyqwhtRXNPMmTTrofSmO3BkEMsC9fIeUGwRZ3gqCuV3bDDADMKkrDg6hNvRWsZAEPaf5ZEg==
- Thread-topic: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
I think the refile PIN prompt is tied to indexing (and validating) the message
– who knows.
Never knew the cache capability was baked in - heavy sigh…. Heck, it doesn’t
even look like Apple uses it…
Lee
From: Ken Hornstein <email@hidden>
Date: Friday, February 9, 2024 at 9:28 AM
To: Neely, Lee <email@hidden>
Cc: email@hidden <email@hidden>
Subject: Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
>For example, in Outlook, I get prompted to decode, prompted to reply,
>prompted to send, and prompted to file in another folder. And on send
>I can get prmompted multiple times, depending on how many signature
>operations ... (You get it – I think the max we counted was 12 times
>for a single message in a thread.)
I am personally surprised you get a PIN prompt for a refile operation;
I wonder what's going on there.
>We were looking for ways to cut that back and started working with a
>vendor on a custom version of the Apple CTK which allowed for caching
>of the PIN.
The sad part is you don't need a custom CTK; the ability to cache a PIN
already exists within the Security framework, but app writers don't
use it. Sigh.
--Ken
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden