Military CAC Access

Anyone in the Armed Forces and need some help accessing their own networks? I found this excellent site, MilitaryCac.com which shows step-by-step information for anyone needing to legitimately gain access from their home machines (following DOD policy of course). The instructions are well put together and detail out some of the absurdities of gaining access, one of which is needing to drop into the secure portal from a different machine, which you can only do by using a CAC (Common Access Card) reader.

Anyhow, once we got it figure it out was dead simple. You’ll need to install the ActiveClient and not just the drivers for the CAC reader. That client is what is behind closed doors and requires authentication. It did require going out and fetching DOD certificates which are apparently freely available which kind of tripped me up a bit– shouldn’t those certificates be hidden? Aren’t they essentially keys? Maybe I’m misunderstanding all this…

I used to work for a company that would self-sign their SSL certificate in order to have “secure” https Outlook Web Access (OWA). Given that the certificiate was signed by “itself”, and not some other authority, what is the purpose of having a certificate that can’t be vetted against a chain?

Clearly I don’t know enough about this…I’m hoping to do a bit of research as a side project and come back with some notes. Some day…

In the meantime I’m fooling around with iOS4, and thinking lazily about that new shiny thing that was announced yesterday. It’s very nice, but I haven’t had the brainpower to really drill too deeply into it…