CNA documentation

+1

i'm searching for it too!

Me too

We are also in need of this documentation. I have called apple enterprise support and developer support with no luck, without proper documentation of apple cna and apple wispr agent we are left with bad work around (DNS spoofing apple success pages to remove CNA login). Apple CNA is an extremely limited stripped down browser that does not have support to check certs within the keychain or other standard web page support. The only documentation i have found are stackoverflow posts and apple support posts that state there is no documentation. Spoofing of apple success pages result in DoS by phones within the captive portal network because the apple success page via CNA results in services on the phone being turned into an online state for instance Active-Sync.

What is needed is documentation on how CNA is implemented (which has mainly already been discovered by other users). And ways of implementing workaround to disable the captive portal detection if the CNA browser will be this limited. A mechanism to turn the captive portal detection off and keep service off is needed.

http://www.apple.com/library/test/success.html

Hi there,

afaik there is no documentation available - for some reasons, I believe. iOS 10.3.1 altered the behavior of the CNA again and I don't think that was the last change. It's interesting to follow the mailing list of the ietf working group for captive portals, by the way.

In my company, I highly recommended not to try looking for CNA workarounds any more and get along with it's only purpose: Acceptance of terms and conditions for internet access. Nothing more. No services.

I technically understand Apple's reasons for this decision - same with Android. But it really would help to have a statement, that that's the way they're heading.