Wave Systems Corp. (fka WAVXQ)

[RootOfTrust]

As I stated before the CAC card will be used as the primary Token for User ID in the DOD and the VSC can be a backup to it as well be used in the Federal space for machine ID and 2 factor authentication and lead to Attestation services like WEM provides.


wd...as we've discussed, VSC would be an ideal method to secure PIV derived credentials on TPM-equipped gov't/military smartphones, in fact I'd be surprised if the the gov't VSC customer went forward with their deployment not considering the possibility of that scenario. If I'm correct and the customer eventually deploys Wave VSC on smartphones then it's an easy step to use derived credentials on notebook TPMs and bypass the need for both a card reader and a card. That way the soldier in the field isn't screwed if he/she loses their card, just use the PIN to gain access to the notebook and he/she is on the network.

I realize the NIST Derived Credentials draft applies to using PIV derived credentials for mobile devices only, but who knows if they become widely deployed on smartphones perhaps the IT guys will get creative and use them on PCs (especially notebooks) as well.