<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">On Nov 20, 2013, at 8:24 PM, Rogers, Ed <<a href="mailto:ed.rogers@lmco.com">ed.rogers@lmco.com</a>> wrote:<br><blockquote type="cite">I need to use both a CAC and a company issued smart card (PIV). I’m using OS 10.9 and find that if I have both the CAC.tokend and the PIV.tokend installed, that only the first card used is supported and the next is not recognized. I end up having to remove one of the tokend for the other to work. Is there a tokend that supports both CAC and PIV or some way to allow both to be used such that the correct tokend is selected based on the card inserted?<br><br>R/ Ed Rogers<br>SWFTS SE&I Technical Director<br>LM Manassas<br>(703) 367-1620<br></blockquote><br><div>Ed,</div><div><br class="webkit-block-placeholder"></div><div>Looks like you never got a response to your above question from back on Nov 20…..</div><div><br></div><div>CAC, CACNG, and PIV are all separate Card Profiles where each would be support by the corresponding Tokend module. There would not be a case where you should have to move / remove a Tokend module to allow for another Tokend to be used. They are all independent and will each be used to probe and support the cards inserted in to each of your attached and supported readers. </div><div><br></div><div>In your case, when you insert the first card (say your CAC), the CAC.tokend should remain and support comms to that card. When you add a second reader / insert your second card the corresponding PIV.tokend would remain and support comms to that card. If you look at the running processes via Terminal you should see both <b>CAC</b> and <b>PIV</b> in the list.</div><div><br></div><div>When you say:</div><div><blockquote type="cite"> that only the first card used is supported and the next is not recognized.</blockquote><br></div><div>Can you explain further about what you mean when you say “note the first card used is supported” ?</div><div><br></div><div>If you are attempting to authenticate, say for accounts and system config changes (i.e. System Preferences) then yes the first Token is assumed to be your Primary Authentication token. However, that is not the case for any other Service / Application on OS X - For example, HTTPS, S/MIME, EAP-TLS, etc.</div><div><br></div><div>If you explain more I can help further.</div><br><div apple-content-edited="true">
<div style="letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><span class="Apple-style-span" style="border-collapse: separate; font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; border-spacing: 0px; -webkit-text-stroke-width: 0px;"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Helvetica"><span style="font-size: 12px;">- Shawn<br>_____________________________________________________________________<br>Shawn Geddis<span class="Apple-tab-span" style="white-space: pre;"> </span> <span class="Apple-tab-span" style="white-space: pre;"> </span> geddis@{Mac | Me | iCloud}.com<br>Enterprise Security Consulting Engineer, Apple <a href="mailto:geddis@apple.com">geddis@apple.com</a><br><br>Smart Card Services<span class="Apple-converted-space"> </span> Project/Dev Lead: <br><span class="Apple-tab-span" style="white-space: pre;"> </span>Project Wiki:<span class="Apple-tab-span" style="white-space: pre;"> </span> [<a href="http://SmartCardServices.MacOSFforge.Org">SmartCardServices.MacOSFforge.Org</a>]<br><span class="Apple-tab-span" style="white-space: pre;"> </span>Mailing Lists:<span class="Apple-tab-span" style="white-space: pre;"> </span> [<a href="http://lists.macosforge.org/mailman/listinfo">Lists.MacOSForge.Org/mailman/listinfo</a>]</span></font></div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Helvetica"><span style="font-size: 12px;"><span class="Apple-tab-span" style="white-space: pre;"> </span>SCS Contact:<span class="Apple-tab-span" style="white-space: pre;"> </span> [<a href="mailto:scs-cotact@macosforge.org">scs-cotact@macosforge.org</a>]</span></font></div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Helvetica"><span style="font-size: 12px;"><span class="Apple-tab-span" style="white-space: pre;"> </span>SCS Admin:<span class="Apple-tab-span" style="white-space: pre;"> </span> [<a href="mailto:scs-admin@macosforge.org">scs-admin@macosforge.org</a>]</span></font></div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Helvetica"><span style="font-size: 12px;">_____________________________________________________________________</span></font><br></div></span></div></div></div></div></div></div></div>
</div>
<br></body></html>