Tim,
I may be wrong on this, but I believe you can "simulate" a logout
command by selecting the card's Card Manager and then the applet again.
Not sure if this will work with the CAC since it has a shared ID
applet which manages PIN state, but it is worth a try ....
Thanks,
Dave
On Jul 12, 2006, at 2:19 PM, Timothy J. Miller wrote:
Scott Guthery wrote:
1) The relevant specification is NIST SP 800-73 which does include
the
notion of logged-in/logged-out on the client API. It is available at:
NIST800-73 is PIV. PIV != CAC. I have to cope with existing CAC
cards for now and for the next three years at a minimum. The DoD
won't start issuing cards with PIV-transition support until October
of this year.
2) AFAIK CAC is not compliant with either this specification or
GSC-IS
v2.1.
CAC is compliant with GSC-IS 2.1, and was always aimed at GSC-IS
compliance. It's NIST that changed it out from under us with the
PIV spec. Bastiges! ;)
-- Tim
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
------------------------------------------------------------------------
------------
David Corcoran corcoran at identityalliance dot com
Identity Alliance http://www.identityalliance.com
phone: 260-488-3099 fax: 260-488-2455
Smart Cards, Biometrics, Training, Identity Management
------------------------------------------------------------------------
-------------
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
