> On Jun 28, 2017, at 8:04 PM, Dave Fernandes <dave.fernan...@utoronto.ca> > wrote: > > So everything is protected by the iCloud Drive service key, but what does > “which is then stored with the user’s iCloud account” mean? Is it stored on > the device or in iCloud? That makes all the difference.
I agree it’s vague. The way I read it is that the service key is stored with other account data in iCloud, but the account data is itself encrypted via the user’s passphrase (which is not known to Apple.) If the service key were stored locally, that would beg the question of how it gets from one device to another. You have to be able to access everything from a new device by logging into iCloud, so any secrets have to be stored online. But by encrypting them using the passphrase, Apple prevents anyone else (including themselves) from reading them. —Jens _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
