Using client-side certificates in TLS is pretty standard stuff, and should be well-supported by the system. You might start here: https://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html
The biggest issue with something like this, or any scheme where you're trusting the client based on information that was packaged in the app, is that the app necessarily contains the information some bad actor would need to have to build a malicious client that you probably don't want to trust. (Same with things like encryption keys, API keys, shared passwords, and so on.) On the other hand, maybe that isn't the kind of risk you're trying to mitigate. Can you say anything more about what kind of app/service this is, and what sorts of threats you're trying to protect against? Do you have any way of knowing who the valid users should be ahead of time, or communicating with them outside of the app? Sixten On Mon, Jun 22, 2015 at 6:43 AM, Alex Zavatone <z...@mac.com> wrote: > We're all familiar with using a SSL cert to get a client to trust a > server, but we're looking at is getting a server to trust that a trusted > client is allowed to access it. > > I was thinking of embedding an SSL cert within the iOS app and validating > against that, but I'm sort of lost on a way to start. > > If this approach seems valid, do any of you have any ideas on any sites > where I could start reading up on this? > > If this approach doesn't seem valid, do any of you have any suggestions on > what might be a better approach? > > Thanks much in advance, > > Alex Zavatone > _______________________________________________ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/himself%40sfko.com > > This email sent to hims...@sfko.com _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
