30 Oct
2015
30 Oct
'15
8:32 p.m.
So the problem is not that NEO would allow unprotected DSK operations forbidden by NIST (which BTW NEO doesn't) - the problem is that OS X or Keychain API or PKard.tokend are trying to perform an unprotected DSK operation on NEO contrary to what PIV standard says.
Do you have an APDU trace to show this? -- T