<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
On Mar 25, 2016, at 18:08 , Hoit, Daniel S. <<a href="mailto:hoit2@llnl.gov" class="">hoit2@llnl.gov</a>> wrote:<br class="">
<div>
<blockquote type="cite" class="">I think there is some difference, but I'm not sure how much.<br class="">
<div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; " class="">
<div class="">I know when I got my yubikey working as a PIV card, it was only with the Centrify tokenD, or at least thats my recollection.</div>
<div class="">I'd like to find the time eventually to add some user feedback on the lock state of the card to the Apple PIV tokend. The calls are all stubbed out, but not fedback to the UI in any way from what I could tell.</div>
</div>
</div>
</blockquote>
<div><br class="">
</div>
<div>I had difficulties with CAC, and terrible difficulties with Yubikey (all the tokend's). With the help of Klaus from Yubikey and Jim Thomas from Thursby we straightened out the Yubikey case (Yubikey added the necessary fields that it was lacking, and that
was that).</div>
<div><br class="">
</div>
<div>After that I decided that I’d really like a tokend that I could (a) build myself from the source, and (b) fix if/when necessary. Out of all the tokend’s available, only OpenSC satisfied both of those requirements, but it was the most broken one of the
bunch. With the help of Frank Morgner and Doug Engert, now OpenSC.tokend (a) builds on all the Mac OS X platforms I care for (Snow Leopard, Yosemite, El Capitan), (b) works with all the tokens I have including CAC and Yubikey (NEO and 4), (c) provides full
support for RSA (signature and encryption), and ECDSA support for ECC (I’ve added ECDH support but cannot test it as there is no application software I know of that can support ECC-based email encryption). It’s been tested with Web as well (Firefox using OpenSC,
and Chrome/Safari using OpenSC.tokend). It seems to deal with the lock state (mostly) correctly. Apple Mail is the least stable app wrt. this, but re-inserting the token and re-starting the Mail client remedies its hiccups.</div>
<div><br class="">
</div>
<div>So, ideally I’d like to be able to build SmartCardServices tokend, to have a backup. Practically, I don’t think I really care any more. OpenSC.tokend does the job, and there’s supported Thursby PKard.tokend (don’t know how well it supports ECC, but again
- there’s no application to test it against). </div>
<div><br class="">
</div>
<div><br class="">
</div>
<blockquote type="cite" class="">
<div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; " class="">
<div class="">
<div class="">
<div class="">On Mar 25, 2016, at 11:20 AM, "Jorgensen, Will A" <<a href="mailto:Will@pnnl.gov" class="">Will@pnnl.gov</a>></div>
<div class=""> wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite" class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
I’m curious if anyone has insight into how the Centrify tokend is different then the one that comes from the smart card services project. From what I can see, they appear to be identical. I’m wondering if they are just compiling and re-packaging the same
code.
<div class=""><br class="">
</div>
<div class="">
<div class="">
<div class="">
<div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; " class="">
<span style="font-family: Arial, sans-serif; font-size: 10pt; color: rgb(212, 117, 0);" class="">__________________________________________________</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;" class=""> </span></div>
<div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; " class="">
<b style="font-family: 'Times New Roman', serif; font-size: 12pt;" class=""><span style="font-size: 11pt; font-family: Verdana, sans-serif;" class="">Will Jorgensen</span></b></div>
<div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; " class="">
<font face="Verdana, sans-serif" size="2" class="">IT Engineer</font></div>
<div style="font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; " class="">
<span style="font-family: Verdana, sans-serif; font-size: 10pt;" class="">Communications & IT Directorate </span></div>
<div style="font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; " class="">
<span style="font-size: 10pt; font-family: Verdana, sans-serif;" class="">Pacific Northwest National Laboratory<o:p class=""></o:p></span></div>
<div style="font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; " class="">
<a href="mailto:Jeff.Evans@pnnl.gov" style="font-family: Calibri, sans-serif; font-size: 11pt; color: rgb(149, 79, 114);" class="">www.pnnl.gov</a></div>
<p class="MsoNormal" style="font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0in 0in 12pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<br class="">
</p>
</div>
</div>
</div>
</div>
_______________________________________________<br class="">
SmartcardServices-Users mailing list<br class="">
<a href="mailto:SmartcardServices-Users@lists.macosforge.org" class="">SmartcardServices-Users@lists.macosforge.org</a><br class="">
<a href="https://lists.macosforge.org/mailman/listinfo/smartcardservices-users" class="">https://lists.macosforge.org/mailman/listinfo/smartcardservices-users</a><br class="">
</blockquote>
</div>
<br class="">
</div>
</div>
_______________________________________________<br class="">
SmartcardServices-Users mailing list<br class="">
<a href="mailto:SmartcardServices-Users@lists.macosforge.org" class="">SmartcardServices-Users@lists.macosforge.org</a><br class="">
https://lists.macosforge.org/mailman/listinfo/smartcardservices-users<br class="">
</div>
</blockquote>
</div>
<br class="">
<div apple-content-edited="true" class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
<div class="">--</div>
<div class="">Uri the Great</div>
<div class=""><a href="mailto:uri@mit.edu" class="">uri@mit.edu</a></div>
<div class=""><br class="">
</div>
</div>
<br class="Apple-interchange-newline">
<br class="Apple-interchange-newline">
</div>
<br class="">
</body>
</html>