WWDC22 · 24 min · Privacy & Security / Business & Education
Discover Managed Device Attestation
Learn how to use Managed Device Attestation to ensure only legitimate devices can connect to your servers while attackers are thwarted. We’ll take you through an overview of how attestations provide strong evidence about managed devices. We’ll also explore how to use attestations and private keys generated by the Secure Enclave to secure communications to services such as MDM, VPN, and Wi-Fi.
Watch at developer.apple.com ↗
Code shown on screen · 2 snippets
DeviceInformation attestation request
<!-- DeviceInformation attestation request -->
<plist version="1.0">
<dict>
    <key>RequestType</key>
    <string>DeviceInformation</string>
    <key>Queries</key>
    <array>
        <string>DevicePropertiesAttestation</string>
    </array>
    <key>DeviceAttestationNonce</key>
    <data>
    bWFnaWMgd29yZHM6IHNxdWVhbWlzaCBvc3NpZnJhZ2U=
    </data>
</dict>
</plist>
DeviceInformation attestation response
<!-- DeviceInformation attestation response -->
<!-- ... -->
<key>QueryResponses</key>
<dict>
    <key>DevicePropertiesAttestation</key>
    <array>
        <data>
        MIIC0TCCAli <!-- ... --> pIbnVw= <!-- Leaf certificate -->
        </data>
        <data>
        MIICSTCCAc6 <!-- ... --> wjtGA== <!-- Intermediate certificate -->
        </data>
    </array>
</dict>
<!-- ... -->
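The following Python is an added example, not code from the session: it builds the DeviceInformation request shown above with a fresh random nonce, and pulls the DevicePropertiesAttestation certificate chain out of a response, rejecting malformed entries before they reach X.509 validation. The function names, the 32-byte nonce length, the two-certificate minimum and the sample response blobs are assumptions constructed for illustration; validating the chain and comparing the nonce need an X.509 library and are not done here.

```python
import plistlib
import secrets
import ssl

def new_nonce():
    # Fresh per request so an old attestation cannot be replayed.
    return secrets.token_bytes(32)  # length is an assumption

def build_attestation_request(nonce):
    # Same keys as the request on this page; bytes serialize as <data>.
    return plistlib.dumps({
        "RequestType": "DeviceInformation",
        "Queries": ["DevicePropertiesAttestation"],
        "DeviceAttestationNonce": nonce,
    })

def is_der_sequence(blob):
    # A certificate is one DER SEQUENCE whose length covers the whole blob.
    if len(blob) < 2 or blob[0] != 0x30:
        return False
    if blob[1] < 0x80:
        header, length = 2, blob[1]
    else:
        n = blob[1] & 0x7F
        if n == 0 or n > 4 or len(blob) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(blob[2:2 + n], "big")
    return header + length == len(blob)

def extract_chain(response_plist):
    # Returns [leaf, intermediate, ...] as PEM strings.
    # Raises ValueError when the chain is missing or an entry is malformed.
    doc = plistlib.loads(response_plist)
    responses = doc.get("QueryResponses") if isinstance(doc, dict) else None
    chain = (responses.get("DevicePropertiesAttestation")
             if isinstance(responses, dict) else None)
    # Assumption: expect at least leaf + intermediate, as in the response above.
    if not isinstance(chain, list) or len(chain) < 2:
        raise ValueError("no leaf + intermediate attestation chain in response")
    for blob in chain:
        if not isinstance(blob, bytes) or not is_der_sequence(blob):
            raise ValueError("attestation entry is not a DER certificate")
    return [ssl.DER_cert_to_PEM_cert(blob) for blob in chain]

# Constructed placeholders: minimal DER SEQUENCEs, not real certificates.
SAMPLE_RESPONSE = plistlib.dumps({"QueryResponses": {
    "DevicePropertiesAttestation": [b"\x30\x03\x02\x01\x01", b"\x30\x03\x02\x01\x02"]}})
```

The server should store the nonce it sent for each device and discard it once a response arrives, so a captured attestation cannot be accepted a second time.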