Maybe must go JWT by 2020-11
dimaqq opened this issue · comments
Pr0Ger/PyAPNs2#103 (comment) states:
Starting from November 2020 Apple will no longer support cert-based authentication and will only support JWT APNS communication.
Starting from November 2020 Apple will no longer support cert-based authentication and will only support JWT APNS communication.
[citation needed]
The only thing I could find that will be deprecated in November 2020 is the old non-http2 protocol: https://developer.apple.com/news/?id=11042019a
Perhaps I misunderstood that repo...
Maybe we can recommend them aapns
The linked comment does indeed claim that support for cert-based h2 ends, but I wasn't able to find anything from apple itself that this will happen. If someone can find that information that'd be great (if it exists).
I still maintain that the JWT based authentication approach is a strict downgrade from a security in depth point of view as the JWT based system gives any key access to all apps in an Apple account in both testing and production with no expiration, whereas the certification based system is per-app, different for testing and production and keys expire.
the deadline to upgrade to the APNs provider API has been extended to March 31, 2021
Just to clarify, aapns
never supported the legacy binary protocol that is being deprecated by Apple in these announcements. I've yet to see any news from Apple that they intend to deprecate certificate based authentication for HTTP/2-based APNs.