[Pki-users] [Coolkey-devel] PIV-II middleware bug in coolkey
John Magne
jmagne at redhat.com
Mon May 18 17:05:10 UTC 2015
File your bug under coolkey.
thanks,
jack
----- Original Message -----
> From: "Bryce L Nordgren -FS" <bnordgren at fs.fed.us>
> To: coolkey-devel at redhat.com, pki-users at redhat.com
> Sent: Saturday, May 16, 2015 1:34:25 PM
> Subject: [Coolkey-devel] PIV-II middleware bug in coolkey
>
>
>
> Continuation of thread started in:
> https://www.redhat.com/archives/pki-users/2015-April/msg00041.html
>
>
>
> Synopsis: coolkey misinterprets my USDA LincPass (issued by a GSA
> Credentialing Center) as a CAC, then fails. It’s a PIV-II, according to
> OpenSC, which doesn’t fail.
>
>
>
> Using the OpenSC module with pam-pkcs11, I was able to get pklogin_finder to
> validate my certificates and associate my card to a user account via cn
> mapper. Using the coolkey module, errors ensued and logs are attached to the
> above thread.
>
>
>
> The question is: how do I/should I report this bug? Coolkey looks dead. No
> svn commits for 4 years. Last mailing list traffic on coolkey-devel was
> 2012. Is there anyone on the project?
>
>
>
> In the interim, I was also able to locate a standard deck of test cards [1],
> both for 30 day loan and for purchase @ $1900. The test deck contains two
> “golden” cards and 22 cards with known problems that the software should
> catch. It does not appear I can request an “extra” card from USDA for
> testing. If there’s anyone left to update coolkey, do you think the 30 day
> loan (potentially with an extension) is enough time to debug the software,
> or at the very least get a start on it?
>
>
>
> If the $1900 deck is necessary to add this functionality, it may be possible
> to donate or semi-permanently loan a set to the open source project. But I’d
> definitely need to understand what the coolkey project’s release and testing
> plan is and who would hold the physical assets.
>
>
>
> Thanks,
>
> Bryce
>
>
>
> [1] http://www.idmanagement.gov/ficam-testing-program
>
>
>
> _______________________________________________
> Coolkey-devel mailing list
> Coolkey-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/coolkey-devel
More information about the Pki-users
mailing list