Implementing TLS Pinning with NSURLSession
With the advent of App Transport Security in iOS 9 and macOS 10.11, Apple began pushing developers into using more secure transportation channels for their applications' data. When an application is linked to those SDKs, the underlying networking stack enforces ATS compliance and the application becomes more secure. ATS’s requirements are quite easy to satisfy: Connections use HTTPS instead of HTTP Servers must present a certificate from a valid Certificate Authority The certificate must be signed with a RSA 2048+ bit or an ECC 256+ bit key The certificate must have a Secure Hash Algorithm 2 (SHA-2) digest of at least SHA-256 The certificate must be present in the Certificate Transparency (CT) logs The connection must use Transport Layer Security (TLS) 1....