Cross posted from https://discussions.apple.com/message/17059139
I have spent some time researching this and have been unable to satisfy my questions in sufficient detail.
I am interested in utilizing a certificate authenticated VPN to connect iPads to my enterprise's network. Obviously as the certificate will be used for authentication to connect the VPN the handling of this certificate is of great import.
Additionally, with the addition of soft token S/MIME PKI email support in iOS 5, the functionality of iOS's certificate store deserves a more thorough study.
Presumably I will utilize a configuration profile to transfer both my private key and VPN connection profile settings to the device. This will be done via the iPhone Configuration Utility in testing, and in pilot/production phase an MDM solution.
So with the certificate transferred, it is saved in the device's keychain, which as I understand is accessed by a separate hardware security processor on the device. This hardware security processor will allow access to the keychain via the device password. Obviously a strong complex password will be desired here due to this device password not only protecting the device, but also the certificate necessary for VPN authentication to my network.
Presuming a rogue entity obtained the device and device password, is there an opportunity to export a certificate? From my initial attempts, it does not seem like there is an obvious way to do this. However, could an app be written to do so? As I understand it, it is alluded to that perhaps it works similar to a smart card where the security processor does all crypto functions, never exposing the keys to the system CPU, and therefore never allowing the export of the key outside of the security processor jail. What I want to have confirmed, specifically from Apple: does the hardware security processor ever, even programmatically, allow the export of the certificate?
Is there currently, or is there planned in the future, allowance for additional security measures protecting certificate usage? For example in my Windows environment I can set group policy which will force security policies over top of certificates placed in my cert store. If I set to medium, the cert store will warn me anytime an application attempts to use my certificate. If set to High, I must set a password which is entered upon every use of the certificate. These functions are useful not only for protection of the certificates, but also in obtaining an additional instance of user affirmation at the exact point that they are performing a cryptographic operation.
Additional detail surrounding these topics would be most helpful. The enterprise PDFs are a great start, but do not get down to a level that I need. From my understanding this architecture should apply to iPad 1 & iPad 2, iPhone 3GS, 4 and 4S. My project is targeting the iPad 2.