Brandon, The step to copy certs from a smart card to a user's keychain came from misguided statements made by a DoD staffer and it has been making its rounds ever since.... -Shawn __________________________________________________ Shawn Geddis geddis@me.com Security Consulting Engineer geddis@apple.com MacOSForge Project Lead: Smart Card Services Web: http://smartcardservices.macosforge.org/ Lists: http://lists.macosforge.org/mailman/listinfo __________________________________________________ On Feb 16, 2011, at 1:49 PM, Brandon Becker wrote:
Tim,
We noticed the same thing with 10.6.6, and eventually discovered that all of the affected users had copied the CAC public certificates into their login keychains. Deleting the certs from the login keychain returned the CAC to normal operation.
Brandon Becker Arctic Region Supercomputing Center
On Feb 15, 2011, at 12:09 PM, Miller, Timothy J. wrote:
* PGP - S/MIME Signed by an unverified key: 2/15/11 at 12:09:02 PM
I thought it had, but I noticed today that a coworker's Gemalto 144K card doesn't work right (shows in Keychains, but no certs). Comment?
-- T
* Miller Timothy J. <tmiller@mitre.org> * Issuer: mitre.org - Unverified