“ACME”

The WWDC23 video on deploying passkeys at Work (https://developer.apple.com/videos/play/wwdc2023/10263/?time=633) talks about a Corporate CA Server signing the Identity Certificate for the passkey, which can be further used during registration with the relying party. Where can I find more information on what protocol and specification this Corporate CA should follow here ? Is this based on protocols such as SCEP/ ACME (or) something else ? Also, where I can find information on what verification this Corporate Server can follow before signing that Identity Cert?

I have an existing ScrollView view with a Picker. Upon selection of a picker value, and user pressing the details button, I want to append a view to the bottom of the existing view. I call detailsView. But it does not seem to work. @Environment(.managedObjectContext) private var viewContext @Environment(.dismiss) var dismiss @Environment(.presentationMode) var presentationMode @Binding var chosenProvider: Provider? @State var selectedLocation: Location? @State private var vendorNames: [String] = [] @State private var selectedVendor:String? = nil @State private var showingSheet = false @State var state: String? @State var zip: String? var body: some View { ScrollView { VStack { HStack { Text(Select Vendor) Picker(Provider, selection: $selectedVendor , content: { ForEach(vendorNames,id: .self, content: { name in Text(name) }) }) .pickerStyle(MenuPickerStyle()) .onTapGesture { self.getVendorNames() { providers, status in if (status) { vendorNames = providers } } } } .onChange(of: selectedVendor, perform: { newVa

Hello I'm seeing a 100% reproducible issue with macOS keychain when dealing with items protected with kSecAccessControlApplicationPassword. Creating, accessing the item works fine unless the user is running on macOS 12 (Monterey) and the system has been sleeping for at least 15 minutes (based on testing). I've seen the exact same behavior on an iMac and a Macbook (both running on the latest Monterey version). After sleeping for at least 15 minutes, trying to get an existing keychain item will fail with .errSecAuthFailed. From the Console I can see various messages like this: default 12:03:11.395081+0100 KeychainAppPasswordDemo LAContext[3506:10] created new cid:88 default 12:03:11.395231+0100 coreauthd setCredential:5621 type:0 on ContextProxy[398:287:387] rid:829 default 12:03:11.395261+0100 coreauthd Replacing ACM passphrase credential with purpose 0 on ACMContext 387 default 12:03:11.395395+0100 KeychainAppPasswordDemo setCredential:5621 type:0 on LAContext[3506:10] cid:89 returned success default

Can the new ACME payload work on macOS 13 seed builds as well ? Is there anything that stops a ACME payload for macOS ? This will be an awesome support for Macs in the enterprises with DEP/MDM.

We are testing the ACMECertificate payload in Mac 13.1 beta and getting this error. The same payload when sent to iOS works fine. Any help on this would be appreciated. Thanks. FB Raised: FB11736586 PayloadVersion 1 PayloadUUID 70e4b45e3c1e PayloadType Configuration PayloadOrganization NewComp PayloadIdentifier 4565353a3a84 PayloadDisplayName ACME PayloadRemovalDisallowed PayloadContent PayloadVersion 1 PayloadUUID f84ef110e39b PayloadType com.apple.security.acme PayloadOrganization NewComp PayloadIdentifier f84ef110e39b PayloadDisplayName ACME Configuration DirectoryURL https://acmeserver/acme/acme/directory ClientIdentifier test HardwareBound KeyType ECSECPrimeRandom KeySize 384 Subject 1.2.840.113549.1.9.1 test@test.com SubjectAltName KeyUsage 5 Attest

Hello All, We are looking to implement the ACME protocol for our organization PKI and as of now, we are trying out the demo ACME server hosted here. So far, we had a minor piece of luck in getting it to work properly twice, but after that, it errors out every time. This is the payload we are using: <?xml version=1.0 encoding=UTF-8?> <!DOCTYPE plist PUBLIC -//Apple//DTD PLIST 1.0//EN http://www.apple.com/DTDs/PropertyList-1.0.dtd> <plist version=1.0> <dict> <key>PayloadContent</key> <array> <dict> <key>ClientIdentifier</key> <string>123123123123123123123</string> <key>ExtendedKeyUsage</key> <array> <string>1.3.6.1.5.5.7.3.2</string&

Hi, We are testing the ACMECertificate payload and noticed that in the device's configuration, the key size is displayed as 0. Thanks in advance.