Paul, One of the products was previously available from Tumbleweed and is now from Axway http://www.axway.com/products-solutions/email-identity-security/identity-sec... -Shawn On Jan 4, 2010, at 5:59 PM, Paul Kwan wrote:
Hi Shawn,
Thanks for the quick response as always. Can you please tell me what are the 3rd party products you refer to? Thanks again.
PSK
On 1/4/10 12:37 PM, "Shawn A. Geddis" <geddis@apple.com> wrote:
On Jan 4, 2010, at 2:19 PM, Paul Kwan wrote:
Hi ALL,
I can specify a different OCSP URL other than the one on my Smart Card with Windows client? Is there a way I can do the same on OS X? Thanks for the help.
PSK _______________________________________________ SmartcardServices-Users mailing list SmartcardServices-Users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/smartcardservices-users
Paul,
No. Mac OS X enforces what is in the certificate, because that is what can be absolutely validated.
There are third-party products which have incorporated additional services to rewrite/process the Cert Revocation URI found in the Cert to a *configurable* URI -- allowing you to go from CRLDistribution Points to AIA Extensions (for OCSP).
__________________________________________________ Shawn Geddis geddis@mac.com Security Consulting Engineer
MacOSForge Project Lead: Smart Card Services Web: http://smartcardservices.macosforge.org/ Lists: http://lists.macosforge.org/mailman/listinfo __________________________________________________
_______________________________________________ SmartcardServices-Users mailing list SmartcardServices-Users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/smartcardservices-users
- Shawn ________________________________________ Shawn Geddis T (703) 264-5103 Security Consulting Engineer C (703) 623-9329 Apple Enterprise Division geddis@apple.com 11921 Freedom Drive, Suite 600, Reston VA 20190-5634