On Mar 16, 2009, at 5:29 PM, Shawn A. Geddis wrote:
On Mar 16, 2009, at 8:23 PM, Henry B. Hotz wrote:
That sounds like standard policy, which is fine.
Am I wrong to believe that the posted source for this project is newer and more Snow-Leopard-like than the 9G55 version of Tokend? If it is, then I'm still interested.
The Source for ALL of the sub-components of this project "SmartCardServices" are all exact copies of the source which was compiled and shipped in Mac OS X 10.5.6. We will make note of this on the wiki pages as we move forward with this project.
So this project's Tokend is identical to Tokend-35209?
The issue you seem to be trying to resolve is related to the 1024/2048 key size issue with the shipped PIV tokend. I am getting that source and binary out here as soon as I can and will post a note then as well.
Well, I'm told that's the problem. I can't say I know that's the issue independently. I just know that the 10.5.6 Tokend can't identify the user for loginwindow. OpenSC Tokend and ActiveIdentity Tokend can do that, but they can't unlock the card with a PIN. If I got past this hump, I'd ask about Apple's support for MIT Kerberos' pre-auth plugin interface and PKINIT, but that would be severely off-topic. ;-) ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu