[Tokend-Dev] [SmartcardServices-Users] BETA Tokend available: CAC-NG (Leopard Mac OS X 10.5.6+)
Shawn A. Geddis
geddis at apple.com
Wed Dec 2 10:45:53 PST 2009
Paul,
As always, it is a continuing challenge for ISVs to get a hold of US Federal CAC/CAC-NG Smart Cards. That said, your best bet is to speak directly to the DMDC folks and submit a request with a DoD customer as the sponsor.
For what it is worth, I have "1" of these cards in my possession right now....
-Shawn
__________________________________________________
Shawn Geddis geddis at mac.com
Security Consulting Engineer
MacOSForge Project Lead: Smart Card Services
Web: http://smartcardservices.macosforge.org/
Lists: http://lists.macosforge.org/mailman/listinfo
__________________________________________________
On Dec 2, 2009, at 1:39 PM, Paul Kwan wrote:
> Hi Shawn,
>
> This is great! I would like to check this out. Can you tell me where and how can I order/get some CAC-NG smart cards to test this? Thanks for your help.
>
> PSK
>
> On 12/2/09 [Dec 2] 10:11 AM, "Shawn A. Geddis" <geddis at apple.com> wrote:
>
>> SmartCardServices - "CAC-NG" Tokend
>>
>>
>> The SmartCardServices Project Team is pleased to provide access to the*BETA* for CAC Next Generation (a.k.a. CAC-NG) Tokend support for Mac OS X 10.5 "Leopard". Support for Snow Leopard is forth coming, but you can proceed to test with your Mac OS X 10.5.6+ machines with this installation.
>>
>> Background
>> CAC-NG Smart Cards
>> The following is an excerpt taken directly from the "DoD Implementation Guide for CAC Next Generation (NG), v2.5, November 2006".
>>
>>> The DoD CAC Environment
>>> The PIV transitional, as defined in SP 800-73, is added to the existing CAC v2 card as an additional data model in conjunction with other evolutions such as the purse and access control. This CAC with PIV is called the CAC Next Generation (NG). The CAC NG is the first and most significant step towards the PIV end point solution.
>>>
>>> The PIV solution is implemented on the DoD CAC NG, but is largely separate and distinct from the DoD multi-application CAC. It will evolve at its own pace but in the same environment.
>>>
>>> The purpose and function of the CAC NG is much broader than the focused interoperability function of the PIV. In 1999, Congress directed the Secretary of Defense to implement smart card technology within the DoD with the objective of increasing efficiency, security, and readiness. The result has been the creation of the CAC. The baseline functionality of the CAC is to (1) provide for logical access to computer systems, (2) provide personnel identification, (3) enable physical access to buildings, and (4) PKI for signing, encryption, and non-repudiation. The CAC is the standard identification card for active duty military personnel, Selected Reservists, DoD civilian employees, and eligible contractor personnel.
>>>
>>> The CAC NG is a multi-application smart card. It serves as a token for PK identity, email, and encryption certificates. Additionally, it contains a linear barcode, two-dimensional barcode, magnetic stripe, color digital photograph, and printed text.
>>
>> Installer
>> http://smartcardservices.macosforge.org/trac/wiki/installers
>>
>> Installation
>>
>> Smart Card Tokend Installation
>>
>> CAC-NG
>> /System/Library/Security/tokend/CACNG.tokend
>>
>> __________________________________________________
>> Shawn Geddis geddis at mac.com
>> Security Consulting Engineer
>>
>> MacOSForge Project Lead: Smart Card Services
>> Web: http://smartcardservices.macosforge.org/
>> Lists: http://lists.macosforge.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/tokend-dev/attachments/20091202/bbbf6e4a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3864 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/tokend-dev/attachments/20091202/bbbf6e4a/attachment-0001.bin>
More information about the Tokend-Dev
mailing list