Re: [Fed-Talk] [EXT] Re: [EXTERNAL] Smartcard decryption not working under Sonoma
Re: [Fed-Talk] [EXT] Re: [EXTERNAL] Smartcard decryption not working under Sonoma
- Subject: Re: [Fed-Talk] [EXT] Re: [EXTERNAL] Smartcard decryption not working under Sonoma
- From: "Blumenthal, Uri - 0553 - MITLL via Fed-talk" <email@hidden>
- Date: Fri, 09 Feb 2024 17:38:01 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5H9Mtc2W81On6n1sU0bhqLUzmnG5xPhuaW5cGIU8USI=; b=Zvc7bCUHUq1iDtMWRR8J6SYkLp2Wm89oialHKgrV9I2xJJdmBrUzd+gKgs/Or+LWNmcr8iX9PDLZ38L4aCIOD3f/R04jAiKQgKdmRVFkDZcUJqaRkB6e3moksq1W7H7FkB2nhNfDpS3scwozNpTDqrizA7IMuvLhvTq8RK0SilWcTFCrqi61stuTobWx2EyV5KoCgWSLoAWhUN01W1/wfRA2Jk7SbYxGw+ZFDiVgvbMfIAgZvpPI0vKf33LCrsZJzGOtwGuKXu2Fwmt2P3C7X9DH8gD3dK7g/dR2ea9VGT8yZw97Lu1whXjfQba2gvh37FQv+nOtFMGCvtvkh3/KWg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=WkEOU8ZXFHeKIlZJVTo0bo6w0P16XutWQ9xGn89mZ2wL1vDD8Ig2hZjHtTBnhmumzMB89/5VCAvc9Lg/snhk2h5vgHu6WL4q2dSIXOU/6o7aDmTkArV27YGrDMVfwWs7QCzUGJmIR4ZHm8BQhC9Y1P0EylQLS2bXJAHphmDAOVPq5LKobcaSpn9qdfBW11ltVO+krQttjB/EdHSVEH28JLzMJGhmILwbDFWvpZDbENGPnX0Cc7TtdKhuIvHBI/q2QRM52wHySpwxWDUrlVva1zXLB2GewLHffqDYGRbpZ1T+Iku3IsguUHaSeV993wvAkGaNs7/tpgzNXCXDwN4dKQ==
- Thread-topic: [EXT] Re: [Fed-Talk] [EXTERNAL] Smartcard decryption not working under Sonoma
>>We were looking for ways to cut that back and started working with a
>>vendor on a custom version of the Apple CTK which allowed for caching
>>of the PIN.
>
>The sad part is you don't need a custom CTK; the ability to cache a PIN
>already exists within the Security framework, but app writers don't
>use it. Sigh.
I wonder if you could use OpenSC as a basis or a part of this custom CTK - it
supports PIN caching (configuration option), and this fork
https://github.com/mouse07410/OpenSC.git prompts for the PIN only when the
smartcard really needs it, not when the middleware thinks that it should...
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden