Geoff Elgey wrote:
Same here. I've got a bunch of AirForce-issued CAC cards, which I haven't been able to read, and CoolKey + pcsclite 1.3.0 + ccid-1.0.0 just worked. Sweet.
Be aware that there will be a new token issued to admins to facilitate SCL (since Windows allows only a one-to-one mapping of certs to accounts, anyone with more than one account per forest can only SCL-enable one of those accounts with the CAC; typically this is admins). While the new token is not a CAC, it presents a CAC card edge (don't ask me why there's a difference, the explanation doesn't make sense to me either :). There's a bug in coolkey where it won't correctly recognize these tokens; I've created a patch and am working with RedHat to get it (or some other patch) committed.
I'm still a bit disappointed with libmusclepkcs11. But while I'm still trying to work out the issues (which all seem to stem from unhandled or poorly-handled resets), I've yet to hear from the active developers specifically about my findings. I'm still climbing the learning curve, so it's been slow going creating my own fixes, and as complex as the musclecard framework is, I'm still unsure of the ramifications of the changes I make, which makes me hesitant to rely on them.
-- Tim
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
