Since July I have used the CAC on RedHat (currently v8.0) including with Gem 412/435 (serial/USB the free models from FirstUSA/American express I got by signing up for smart credit cards) connecting to PKI web sites and signing Email with mozilla
Muscle is it seems a bit of a do it yourself project. I installed the pcsc-lite-1.1.1-1rh7x.i386.rpm I think later recompiled I installed and patched ifd-gempc-0.6.4 to support the GCR412 & GCR435 I am using David Corcoran's cac-support-071102.tar.gz I had some library trouble which I fixed by ln -s /lib/libcrypto.so.0 /lib/libcrypto.so.0.9.6b Also since I have devfs turned on I needed to add /dev/pcsc/0 -> /dev/tts/0 rather then the normal /dev/pcsc/0 ->/dev/ttyS0 to connect my serial port You need to manually run bundleTool after pcscd is up and running to link the cards hardware ATR to the software I could then list tokens in muscleTool and see my CAC I had trouble with mozilla-0.9.9 but 1.2b worked and once I had the RootCA chain fixed it would even sign email, without the RootCA you can still visit PKI web sites but it will ask about unverified certificates. I think that all of that software has been updated since then and should work better now, but I also think it is still quite manual in setup and configuration. I have noted that all SmartCards are very dumb and seem to need to be associated manually with the software to access them. That is that each card is looked up by its hardware ATR response (answer to reset). I have no clue what happens if two cards with the same ATR are used for different purposes, currently I think everything would break at the bundle level. This is not a Linux/Muscle problem but generic to the SmartCard way of doing things Back in July the claimed roll out date for NMCI was August and some of the documentation seemed to indicate that all logins were to be done by CAC. This turned out to not be the case, my Seat arrived 2002-12-19 and would not even support CAC out of the box, several support calls later I had exported the certificates and gotten them imported into MS Outlook and had gotten ActiveCard setup to allow CAC login, they also had problems with the RootCA chain. My NMCI laptop has a SCM SCR201 PCMCIA reader which might also be supported by Muscle oddly windows 2000 reports it as a SCR120? The desktop versions appear to have a Dell Computer built-in SmartCard reader built into the keyboard (USB) _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
