Archive

Archive for June, 2019

Slides from the “MDM: From “Nice to Have” To Necessity” session at MacDeployment 2019

June 10, 2019 Leave a comment

For those who wanted a copy of my MDM talk at the MacDeployment 2019 conference, here are links to the slides in PDF and Keynote format.

PDF – https://tinyurl.com/MacDeploy2019PDF

Keynote – https://tinyurl.com/MacDeploy2019Keynote

Categories: Mac administration, MacDeployment 2019, macOS, Mobile Device Management

New TLS security requirements for iOS 13 and macOS Catalina 10.15

June 6, 2019 1 comment

As part of the information published at WWDC 2019 by Apple, the following KBase article has been released:

Requirements for trusted certificates in iOS 13 and macOS 10.15: https://support.apple.com/HT210176

Screen Shot 2019 06 05 at 8 39 55 PM

This KBase article describes how Apple is implementing new security requirements for TLS server certificates. These certificates are used by servers to encrypt communication between Apple devices and those servers, to make sure that all communication between the servers and those devices is protected.

  • Certificate key sizes must be 2048-bit or greater
  • SHA-2 must be used for the certificate signing
  • DNS hostname of the server must be listed in a Subject Alternative Name (SAN) certificate extension in addition to being listed in the Common Name field of the certificate.

Also, all TLS certificates issued after July 1, 2019 must meet these additional requirements:

What happens if you use iOS 13 or macOS Catalina to try to connect to servers with TLS certificates which don’t meet these standards? The connection will fail because the OS will reject the certificate as being invalid. This may result in a web browser not connecting, an app crashing or some other undesired behavior.

Screen Shot 2019 06 05 at 8 47 31 PM

Screen Shot 2019 06 05 at 8 48 57 PM

As part of testing iOS 13 and macOS 10.15 ahead of their release dates, I strongly recommend testing the various services used at your workplace to make sure that the TLS certificates used by the services of your company, school or institution are able to pass these requirements. Otherwise, you may find some unfortunate surprises on Release Day this fall.

Categories: iOS, Mac administration, macOS

WWDC 2019 notes

June 4, 2019 Leave a comment

This week, I’m out in San Jose, California as an attendee of Apple’s WWDC 2019 conference. As part of this, I’m taking notes during the labs and sessions. Due to wanting to stay on the right side of Apple’s NDA, I’ve been posting my notes to Apple’s developer forums rather than to here.

To make it easier for Mac admins to access them, I’ve set up a post in the forums where I’ve linking the various forum posts with my notes. It’s available via the link below:

https://forums.developer.apple.com/message/362911

Categories: Documentation, WWDC 2019