Scott Guthery wrote:
1) The relevant specification is NIST SP 800-73 which does include the notion of logged-in/logged-out on the client API. It is available at:
NIST800-73 is PIV. PIV != CAC. I have to cope with existing CAC cards for now and for the next three years at a minimum. The DoD won't start issuing cards with PIV-transition support until October of this year.
2) AFAIK CAC is not compliant with either this specification or GSC-IS v2.1.
CAC is compliant with GSC-IS 2.1, and was always aimed at GSC-IS compliance. It's NIST that changed it out from under us with the PIV spec. Bastiges! ;)
-- Tim
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
