What is the purpose of the tri-state BootstrapTokenAllowedForAuthentication value?

Business & Education Device Management
BlueTeam OP
Created Aug ’20
Replies 1
Boosts 0
Views 479
Participants 2
What is the purpose of the tri-state BootstrapTokenAllowedForAuthentication value in the SecurityInfo response?

allowed, disallowed, not supported are the possible values

https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo?changes=latest_beta

During WWDC2020 and when the key was a boolean it seem to be that the key was to indicate if a bootstrap token existed on the device, but that doesn't seem to be the case now with the allowed, disallowed, not supported values.
Replies  1
Boosts  0
Views  479
Participants  2
Engineer OP
Apple
Sep ’20
We'll have some published text coming shortly, but here's a quick version:

This value specifies whether the Secure Enclave Processor (SEP) supports and allows secure operations to use the Bootstrap Token. The value is automatically set for devices enrolled through the Device Enrollment Program (DEP). The user can also manually set this value in the RecoveryOS. Currently, only supported on Apple Silicon devices.
0
What is the purpose of the tri-state BootstrapTokenAllowedForAuthentication value?
First post date Last post date
 
 
Q