Done. > -----Original Message----- > From: John Magne [mailto:jmagne@xxxxxxxxxx] > Sent: Monday, May 18, 2015 11:05 AM > To: Nordgren, Bryce L -FS > Cc: coolkey-devel@xxxxxxxxxx; pki-users@xxxxxxxxxx > Subject: Re: PIV-II middleware bug in coolkey > > File your bug under coolkey. > > thanks, > jack > > > ----- Original Message ----- > > From: "Bryce L Nordgren -FS" <bnordgren@xxxxxxxxx> > > To: coolkey-devel@xxxxxxxxxx, pki-users@xxxxxxxxxx > > Sent: Saturday, May 16, 2015 1:34:25 PM > > Subject: PIV-II middleware bug in coolkey > > > > > > > > Continuation of thread started in: > > https://www.redhat.com/archives/pki-users/2015-April/msg00041.html > > > > > > > > Synopsis: coolkey misinterprets my USDA LincPass (issued by a GSA > > Credentialing Center) as a CAC, then fails. It’s a PIV-II, according > > to OpenSC, which doesn’t fail. > > > > > > > > Using the OpenSC module with pam-pkcs11, I was able to get > > pklogin_finder to validate my certificates and associate my card to a > > user account via cn mapper. Using the coolkey module, errors ensued > > and logs are attached to the above thread. > > > > > > > > The question is: how do I/should I report this bug? Coolkey looks > > dead. No svn commits for 4 years. Last mailing list traffic on > > coolkey-devel was 2012. Is there anyone on the project? > > > > > > > > In the interim, I was also able to locate a standard deck of test > > cards [1], both for 30 day loan and for purchase @ $1900. The test > > deck contains two “golden” cards and 22 cards with known problems that > > the software should catch. It does not appear I can request an “extra” > > card from USDA for testing. If there’s anyone left to update coolkey, > > do you think the 30 day loan (potentially with an extension) is enough > > time to debug the software, or at the very least get a start on it? > > > > > > > > If the $1900 deck is necessary to add this functionality, it may be > > possible to donate or semi-permanently loan a set to the open source > > project. But I’d definitely need to understand what the coolkey > > project’s release and testing plan is and who would hold the physical > assets. > > > > > > > > Thanks, > > > > Bryce > > > > > > > > [1] http://www.idmanagement.gov/ficam-testing-program > > > > > > > > _______________________________________________ > > Coolkey-devel mailing list > > Coolkey-devel@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/coolkey-devel _______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
