Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
- Subject: Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
- From: "Rowe, Walter P. \(Fed\) via Fed-talk" <email@hidden>
- Date: Fri, 9 Feb 2024 17:34:56 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fodi5jxXxO8uchk64c+VwOr/XCTFVbqm5l632zMk0EY=; b=TCR1r74rGRaqZL5PmjRDP4cwEvHcSyprGGnYHS4Mk+OiB1i4W9tAi8FRRw0Q+pl95kejKwMb3xiwRbXP0YZtoYGm8+uAmbfWAP5SvDhPGD6eSthU6+MGkX6XY44esjFUF3Ych3fhGmNwsRyir4Ac+6+IEwyDjKECyYkDHfvQ2kf08GT0CQ69qzMfLaotSvOCtmRT9MkSRSZyML6xVW4J6DLW55li3Tn8dDyhYp0o0mxovGSpM7CyyXbHb1YELiXoidFkBFqwPBIOj4rCQoqLowXPciBibV3/YZ6A3Dt8KfOD939lvo3a7HAGQKWlvJhOuBmXfL11dsp8RWbL3ZbZOA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AxbHYWzse4fZfts9+NruvFSulzhkpNe5exhfsl7yVy4mWIo1skXD9X6apBMwcFt05LKnqkvt4uFLXmYhi+7r/9gh8DUxSZ3BDX1p0EL1iXzZAJf6NFvXRUyxftkBf6j4cVpRuF1Z7xqdIe+JmIHKL+1J6lpgFrbXw3t9uQtBj5CKLbOERGNFXvyjoFvDI0AIBruPdPjgxUF5afNz+pgeSchv7wFALuWB1Q74VZDPMy9f4Te03sdKNhDRN9Kkd8Vs6aLLWjj9x72+3bJ+MaJ+hF6TIoI5zTJKKwjwulxCeFe8GEpI3ZtShOSPOXYsHrIvPsQRuE9SdU+KHsMEfLEgAQ==
- Thread-topic: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
When composing a new draft with Encryption enabled and Signing disabled I am
not prompted for PIN while composing new Apple Mail drafts. When Signing is
enabled and Encryption is disabled I am prompted frequently while composing.
This proves that Signing is the culprit.
There is NO REASON to prompt for PIN until composing – only when we Send.
Walter
--
Walter Rowe, Division Chief
Infrastructure Services Division
Mobile: 202.355.4123
On Feb 9, 2024, at 12:26 PM, Ken Hornstein via Fed-talk
<email@hidden> wrote:
I think the refile PIN prompt is tied to indexing (and validating) the
message – who knows.
_Verifying_ a signature doesn't require any smartcard operations; you only
need the smartcard to decrypt or sign. If this was an encrypted message
I could sort of see why that happened.
Never knew the cache capability was baked in - heavy sigh…. Heck, it
doesn’t even look like Apple uses it…
Right, it's SUPER undocumented. And like you said, many apps are tested
with soft certificates so developers don't experience the pain of many
PIN prompts.
--Ken
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
https://gcc02.safelinks.protection.outlook.com/?url=https://lists.apple.com/mailman/options/fed-talk/walter.rowe%40nist.gov&data=05|02|email@hidden|752f9082b6e04489932408dc29944a03|2ab5d82fd8fa4797a93e054655c61dec|0|0|638430964074074532|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||&sdata=mQIRAx1t+5Rtfj0PBSPfDPXlQx/KSqzg8pwG+Aq/5yQ=&reserved=0
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden