[Tokend-Dev] Building Tokend on Leopard?
Henry B. Hotz
hotz at jpl.nasa.gov
Mon Mar 16 18:02:43 PDT 2009
On Mar 16, 2009, at 5:29 PM, Shawn A. Geddis wrote:
> On Mar 16, 2009, at 8:23 PM, Henry B. Hotz wrote:
>> That sounds like standard policy, which is fine.
>>
>> Am I wrong to believe that the posted source for this project is
>> newer and more Snow-Leopard-like than the 9G55 version of Tokend?
>> If it is, then I'm still interested.
>
>
> The Source for ALL of the sub-components of this project
> "SmartCardServices" are all exact copies of the source which was
> compiled and shipped in Mac OS X 10.5.6. We will make note of this
> on the wiki pages as we move forward with this project.
So this project's Tokend is identical to Tokend-35209?
> The issue you seem to be trying to resolve is related to the
> 1024/2048 key size issue with the shipped PIV tokend. I am getting
> that source and binary out here as soon as I can and will post a
> note then as well.
Well, I'm told that's the problem. I can't say I know that's the
issue independently. I just know that the 10.5.6 Tokend can't
identify the user for loginwindow. OpenSC Tokend and ActiveIdentity
Tokend can do that, but they can't unlock the card with a PIN.
If I got past this hump, I'd ask about Apple's support for MIT
Kerberos' pre-auth plugin interface and PKINIT, but that would be
severely off-topic. ;-)
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the Tokend-Dev
mailing list