Latest commit 41eae7b
Nov 6, 2013
|Failed to load latest commit information.|
This is an example iOS application that demonstrates SSL pinning. The application consists of a simple master/detail application that displays the first page of results when searching Twitter for #SSL tweets. The Twitter search API is accessed over HTTPS. The built-in iOS APIs are used to ensure that the SSL certificate presented by the server is signed by a specific certificate authority. This is in addition to the normal certificate validation that the platform performs when making HTTPS requests. The starting place for looking at how this works is the delegate responsible for handling HTTP authentication challenges: XBURLConnectionAuthenticationDelegate Disclaimer: This project is published as-is and is intended as a proof-of-concept to demonstrate a technique. Appropriate security techniques and their implementation depend on the application context and require careful consideration and review.