Client validation, so only the app can submit/retrieve keys (i.e. not malicious third-parties). This could be achieved using several methods, including App Store receipt validation on the server
I've never done this before so will need to do a bit of desk research. Assuming it's tied to provisioning.
I've never done this before so will need to do a bit of desk research. Assuming it's tied to provisioning.
See https://github.com/CrunchyBagel/TracePrivately/blob/77d93f846540f011ffb0318ab32ce52fecc29fcd/KeyServer/README.md