Replace CAPTCHAs with Private Access Tokens

Discuss the WWDC22 Session Replace CAPTCHAs with Private Access Tokens

Posts under wwdc2022-10077 tag

4 Posts

Are the blinded Private Access Tokens rate limited by the device?
I've built[1] a quick prototype[2] with PATs. It appears that iOS 16 only successfully provides the token challenge once every minute. Is this intentional?

From an implementation perspective, are website implementors intended to:
- add a cookie to capture the state of a previous successful challenge?
- should we use the max-age= and expect the Authorization token to be repeated during a burst of requests?
- should we present unique redemption contexts on each request?
- is there a way to get context on why the token generation failed (e.g. issuer cannot be contacted? malformed challenge?)

General feedback:
- debugging tools would be useful to know if the challenge or issuer has issues. Even console debug messages would be appreciated
- issuer requests bypass any proxy setups with root-CAs (related to debugging needs)

[1] https://github.com/colinbendell/private-access-token
[2] https://private-access-token.colinbendell.dev/test.html
Replies: 0 | Boosts: 0 | Views: 1.1k | Activity: Sep ’22
Apple Private Relay — Significantly Degrades Speed
After about a week of back and forth with Verizon FIOS, I determined I was not getting the contracted network speed due to the use of Apple Private Relay (Beta). I did some searching and discovered I am not the only one experiencing this issue. With 300/300 Mbps Verizon FIOS and Apple Private Relay enabled, the speeds were 95 Mbps download and 61 Mbps upload, and when disabled were 333 Mbps download and 351 Mbps upload. Obviously, I see the value in Apple Private Relay, however, throughput needs to be much better to gain broad acceptance and adoption. As of this post, I have Verizon FIOS' latest Router and WiFi Extender, a MacBook Pro (mid-2015), and an iPhone 13 Pro Max, which I conducted the tests with over about a week. I worked with Verizon's technical support and tested each step to isolate: with Apple Private Relay enabled, network performance degrades substantially, and with it disabled I achieved the contracted network speeds or better.
Replies: 1 | Boosts: 0 | Views: 2.3k | Activity: Aug ’22
Privacy is all about coexistence for an Apple developer!
The life of a developer is just as the name suggests he may be a tech improves for the rest but for him it's about giving away his private life for the sake of Technology, let's start this way I got into this as a part of learning for my future project, and got excited seeing their carkit API and Pull tech which made me end up here so while carkit testing you can't live a private life, I already compromised as I started learning with my personal Mac and Phone. But I believe there is a reason for both parties to do so. When you automate there is just data and the path which are imp and it should give minimum damage to the Customer in terms of data exposure. This is a personal note about privacy - regarding the Agreement I could say! Cheers Team!!!!
Replies: 0 | Boosts: 0 | Views: 658 | Activity: Aug ’22
When will registration for Private Access Token issuers become available?
I am interested in experimenting with Private Access Tokens with some of our org's web security services. I am unable to use any of the token issuers available today. The documentation states that registration will be available for other issues. Is there an estimated date when that will become available? I don't see any such registration at https://register.apple.com
Replies: 1 | Boosts: 0 | Views: 1k | Activity: Jul ’22