SupersonicMax said:We're almost in 2020 after all. I really liked the US system where your ID cards also served as IT credentials.
Dolphin_Hunter said:This makes so much sense. I’ve been saying this since I was issued my first PKI card back in 2002/03.
Every person in the CF should have a PKI card so why not adopt the system that the US uses?
This new evaluation system seems more efficient, however I think we will still make things more complicated for ourselves. I feel like Norm from Cheers in the episode when Cliff was killing it on Jeopardy, I have a feeling we are going to screw this up. I hope I’m wrong.
https://youtu.be/botdmsQilnU
Brihard said:Same in my organization. I have a card that functions both as building access and PKI, as well as having name, photo, and an employee number but nothing identifying the organization or workplace. It works well. Every one of us deals with protected systems regularly, and it hasn’t been a real hassle. As long as the card is backed with a second authentication factor, you’re good to go. We can all log in to our version of Peoplesoft/HRMS for things like submitting career planning requests, getting our version of an MPRR, updating personal info, updating our security clearance forms, so on and so forth. Our leave requests, overtime, travel/expense claims, and individual issue clothing/equipment requisitions are all done and approved digitally through a linked system. The CAF is living in the past.
SupersonicMax said:Meh. Is it such a stretch thinking that everyone in the organization needs a digital signature/encryption card? We're almost in 2020 after all. I really liked the US system where your ID cards also served as IT credentials.
Navy_Pete said:No, I think it makes sense that we should be able to; I guess what I was doubting was whether the PKI system is capable of supporting that. Maybe someone already thought ahead and is implementing something?
:dunno:
It's especially fun when you get posted and they change your email, so your PKI encryption no longer works, and you can't access any previously archived protected files unless you had thought ahead and encrypted them by password (vice your ID, which is the default).
SupersonicMax said:Meh. Is it such a stretch thinking that everyone in the organization needs a digital signature/encryption card? We're almost in 2020 after all. I really liked the US system where your ID cards also served as IT credentials.
CanadianTire said:But then we'd have to not only figure out how to get everyone a permanent ID, but also how to get them an ID (of any kind) in a timely fashion.
Navy_Pete said:No, I think it makes sense that we should be able to; I guess what I was doubting was whether the PKI system is capable of supporting that. Maybe someone already thought ahead and is implementing something?
:dunno:
It's especially fun when you get posted and they change your email, so your PKI encryption no longer works, and you can't access any previously archived protected files unless you had thought ahead and encrypted them by password (vice your ID, which is the default).
CountDC said:your pki should still work without an issue. I have been posted several times to different locations across the country and still have the original card sent out when the system was started. Works fine still. It's linked to your ID in the form of your email (me.bloggins@forces.gc.ca) via certificates which get updated but the old ones are still on there so you can open your old stuff. I believe when you do open the old one the system will update that email to the new certificates but could be wrong. I still have emails from 3 jobs and 7 years ago that open no problem.
Furniture said:ShipLAN email accounts don't transfer(or didn't when I was sailing), and you often ended up with a john.doe2@forces.gc.ca on one whip then john.doe1@forces.gc.ca or another. I'm the only person in the CAF with my name, and I think I was up to 2 at one point on ship.