<<Apologies if you get this twice. I used the wrong return address the first time.>>
On Oct 30, 2015, at 9:05 AM, Disiena, Ridley (MSFC-IS60)[EAST] <ridley.disiena@nasa.gov> wrote:
Since the Yubikey PIV applet has not been validated by NIST and no testing artifacts are available, I would not assume the applet is compliant.
Since restarting Mail (without restarting anything in the card/keychain system) is a workaround, I think it’s reasonable to think the problem is in Mail, or in Mail’s use of keychain. However if there is some suspicion Yubikey support is an issue, then we should be reporting the PIV applet number on the Yubikey. There are several “in the wild”. I feel sure Yubikey will be responsive to bug reports with sufficient detail. Also I think 10.10 was when Apple began “officially” supporting Yubikey/PIV. Henry B (Hank) Hotz, CTO hhotz@securechannels.com (949) 679-5738 Personal: hbhotz@oxy.edu Business: hhotz@securechannels.com