I ordered the new Macbook Air with M1 that will be here next week. I'm looking to use it to replace my current aging Windows laptop. The only thing I foresee being an issue (hopefully this is a good place to ask this) is that I access .mil sites daily. Getting a USB-C CAC reader shouldn't be too hard, but what about the certificates needed to access these sites? Will it be fine to download the PKI's since they are browser security based, or will the ARM architecture cause issues and I will have to wait a while for a solution?
-No issues on CAC (I've worked with the readers prior without issue)
-No issues with certificates (at the level you speak it's largely agnostic/various kernel based signed cert generation are covered. All big PC makers will include all the known CAs and their roots.
However, you may need to import the DOD Root. That's not an Apple thing, PCs straight from the MFG won't come with the DOD root. But servers/sites in the public domain won't be dealing with DOD CA. That'll be for visiting servers within the .mil domain).
-Visiting sites will not be an issue (except for the DOD root issue mentioned above, any issues would largely be determined by <dept>.mil domain policy on which browsers you can use and what extensions can run. Some sites may not be allowed...some FTPs will be blocked even on SipR).
Best of luck...
EDIT: sorry didn't see the latest post
. I'm not following the issue. You insert your ID into the CAC reader and you are able to now see the computer's desktop, correct? If that is the case then you are past the local machine login security, correct?
You said you have installed the DOD root. You likely have a <your dept.>.mil HR announcement webpage, can you browse to that after getting by local machine security("local machine": though it is DC based security)? If all that is correct then what specifically is happening from there? If you browse to a common website, Apple.com, what happens?
FIPS gets into another bag of fun. MFGs have to make SW/HW up to latest FIPS standard. This is just for SipR net?