The biggest issues are how to pull the certificates from the CAC card onto an iOS in a manner that is deemed 'secure'. Right now, USB is the only viable way to do this with a CAC reader on a personal computer. Blackberry has the only wireless option with a Bluetooth CAC reader. To date, there is not Bluetooth CAC reader for the iOS. If there was, you would still have to write an app to process the certificates and make them available for a mail client or safari. Mac OS X has 'Keychain Access', a utility that has a built in ability to do the work for you. PC's have to use middleware, such as Active Client. Long road to a small house, this has been discussed several times with no replies or serious takers on the Apple side. The government does have a contract with Blackberry utilizing CAC / PKI support; not sure if that has anything to do with the holdup for iOS support.
Also, a similar thread has been discussed on this site, see the following link:
http://discussions.info.apple.com/message.jspa?messageID=12244323
If there was, you would still have to write an app to process the certificates and make them available for a mail client or safari. Mac OS X has 'Keychain Access', a utility that has a built in ability to do the work for you. The next generation of ActivCard® Gold™ for CAC, the leading smart card-based strong authentication software for the DOD Common Access Card enables usage of PKI certificates and keys on a CAC to secure desktop applications, network login, remote access, web login, e-mail and electronic transactions.
Mar 6, 2011 10:01 AM
You did not tell us the link. Google showed two links with certificate errors.
With security certificate error. (Untrusrted certificate)
https://www.us.army.mil/suite/login/login.fcc?TYPE=33554433&REALMOID=06-56ac77cd-98b2-1009-96b6-84a74d100cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-Dgs1Cox22Zw5Nc04OY%2bt%2bTd77GJKuMDDt2tYw6HY7Aue1oe%2fViOQSbne%2fSIpOsA5&TARGET=-SM-http%3a%2f%2fwww%2eus%2earmy%2emil%2fSmKBAuth%2fLoginEnrollmentForms%2fSmKBAuth%2efcc%3fTYPE%3d33554432%26REALMOID%3d06--b476a858--73dc--10a1--9a8e--832f882fff3d%26GUID%3d%26SMAUTHREASON%3d0%26METHOD%3dGET%26SMAGENTNAME%3d--SM--vXO-%2bYjxhl6RVVzPhP5qziY3Qqv58168oja81Ux8nYYl9AjW7Fl7DaNcXHG14hZkk%26TARGET%3d--SM--http-%3a-%2f-%2fwww-%2eus-%2earmy-%2emil-%2fsuite-%2fportal-%2fauthenticate-%2edo
With security certificate error. (Untrusted certificate)
https://lists.army.mil/mailman/listinfo/ako-live
will ask for some data
Ssl Client Certificate For Cac
It looks okay when I visited the sites. I clicked on 'Continue to the website (not recommende'. Maybe the military is not governed by the issuing authority. I'm using McAffee SiteAdvisor and the sites' rating is 'Green'.
Info on the security status bar
Untrusted Certificate
The security certificate presented by this website was not issued by a trusted certificate authority.
This problem might indicate an attempt to fool you or intercept any data sent to the server.
We recommend that you close the webpage.
Certificate errors occur when there is a problem with a certificate or the server's use of the certificate. Internet Explorer can help keep your information more secure by warning you about certificate errors.
While this is not recommended, you can click 'Continue to this website (not recommended)' on the certificate error blocking page to go to the website.
More informations:
About certificate errors
http://windows.microsoft.com/en-US/windows-vista/About-certificate-errors