Did somebody forget to take their meds?
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Peter Williams
Sent: Friday, July 14, 2006 1:08
PM
To: MUSCLE
Subject: RE: [Muscle] RE: CAC and
musclecardframework
Interesting discussion on login and logout - and the related notion in American
critical security infrastructue design concerning what does or does not require
cardholder consent - by designer intent
(And, who are the designers? the mentioned authors of 800-73? or are they
merely the "writers" vs. the "designers")
You can apparently be "logged out" at the API - and the PIV card
can still perform device authentication (using asymmetric keying material) -
because this feature does NOT require cardholder consent. This goes way beyond
merely conveying the CHUID over to the door lock when one gets in range of the
sensor note ......its a full passive, reaction capability built in - presumably
for device tracking/authentication.
One can liken this to passive monitoring feature of cell phones, a feature
introduced by USG into the critical infrastructure to allow terminal location -
even when the phone user has "logged out" of the phone and powered
down (not!). Obviously designed (a) for a fast phone reboot
experience, onto links already setup for the new cell that one is driving
by, (b) with a nice benefit when spying on foreigners (c) more recently, with a
(nice) side effect when leveraging the capability to domestically spy on
Americans, now.
> Date: Wed, 12 Jul 2006 13:57:40 -0400
> From: [EMAIL PROTECTED]
> To: [email protected]
> Subject: [Muscle] RE: CAC and musclecardframework
>
e> Tim:
>
>
1) The relevant specification is NIST SP 800-73 which does include the
> notion of logged-in/logged-out on the client API. It is available at:
>
> http://csrc.nist.gov/publications/nistpubs/
>
>
You might also want to consult the developer forum at:
>
> http://piv.nist.gov/
>
>
2) AFAIK CAC is not compliant with either this specification or GSC-IS
> v2.1.
>
> Cheers, Scott
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
>
[mailto:[EMAIL PROTECTED] On Behalf Of Timothy J.
> Miller
> Sent: Wednesday, July 12, 2006 1:51 PM
> To: MUSCLE
>
Subject: CAC and musclecardframework, some final words (was: Re:
> [Muscle]Re: MSC_TOKEN_RESET behavior questions)
>
> Timothy J. Miller wrote:
>
>
> 1) Add MSCLogoutAll to commonAccessCard.c. This is probably the best
> > solution, but I have no freakin' clue how to go about it;
>
>
I did some digging on this, and pulled down & perused the NIST gov't
>
smartcard spec the CAC complies with. GSC-IS has no concept of
>
logged-in vs. logged-out IDs, as musclecard seems to have; instead, it's
>
> all about access control rules applied to each operation. So it makes
>
sense that the MSCLogoutAll() is unimplemented. However,
>
commonAccessCard.c *is* setting pConnection->loggedIDs when a verify PIN
>
>
operation is performed, so I added code to unset pConnection->loggedIDs
>
when MSCLogoutAll() is called and return a success et viola! Done.
>
>
I'm going to have to review the APSL commonAccessCard.c falls under to
>
see what obligations I'm under re: distributing these changes.
>
> There's still the stale pointer in the session table and NULL handling
>
issues with session_FreeSession(), but I think I have a handle on these
>
now and may be able to fix them. If I have any success I'll contribute
> patches back.
>
> -- Tim
>
>
>
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
Be one of the first to try Windows Live Mail beta
