XPost: misc.phone.mobile.iphone
From: nuh-uh@nope.com
On 2026-01-10 13:52, Maria Sophia wrote:
> Tyrone wrote:
>> On Jan 10, 2026 at 2:01:10 PM EST, "Alan" wrote:
>>
>>> You haven't quoted any part of any Apple document to support your nonsense.
>>
>> Par for the course.
>
> Hi Tyrone,
>
> It's interesting, and perhaps rather revealing that you have 16 iOS
> devices, and yet you have no memory of being asked for a password even when
> you were already logged into them, since certainly others have remembered.
>
> It's almost as if your claimed experience is the only one in the world
> since iOS absolutely uses multiple independent authentication tokens.
>
> A: This is documented across Apple developer materials.
> Each service maintains its own authentication state.
> This is not controversial in technical circles.
And yet you do not quote those documents to support your claims.
Interesting.
>
> B. Tokens do expire on different schedules.
> Apple does not publish exact lifetimes, but the behavior is well-known.
> Some tokens refresh silently, some require user interaction.
Same observation
>
> C. Silent refresh failures do cause password prompts.
> This is normal behavior.
> It does not require logout.
Same observation
>
> D. Long-term refusal to authenticate can cause cascading failures.
> This is consistent with how token-based systems behave.
Same observation
>
> E. Activation Lock is server-side and tied to Apple ID trust state.
> If the server cannot validate the Apple ID owner, the device can enter
> a locked state even without erasure.
>
> The fact you have no memory of iOS doing what it does, is revealing.
>
> But you did mention that you enter the passwd for obtaining apps, right?
>
> 1. When you download an app and enter your Apple ID password, iOS
> refreshes multiple authentication tokens.
>
> 2. The App Store uses its own set of tokens:
> a. Purchase validation token
> b. App Store session token
> c. StoreKit transaction token
>
> Apple documents that App Store sign in is separate from iCloud:
> https://support.apple.com/HT201389
>
> 3. When you successfully authenticate for an App Store action, the
> following usually happens:
> a. The App Store tokens are refreshed
> b. The Apple ID session token may be refreshed
> c. The device proves to Apple servers that the Apple ID owner is
> present and valid
>
> 4. This can indirectly refresh other long lived Apple ID state because
> Apple treats a successful password entry as a high confidence
> re authentication event.
>
> 5. What it does NOT refresh:
> a. iMessage or FaceTime activation tokens
> b. iCloud Keychain escrow tokens
> c. Find My device binding tokens
> d. Device Setup Services tokens
>
> Those subsystems have their own refresh cycles and their own
> failure modes.
>
> 6. Summary:
> Entering your Apple ID password for an App Store download DOES
> refresh some authentication state, but it does NOT refresh all
> Apple ID related tokens. This is why two users can see very
> different long term behavior depending on which prompts they
> satisfy and which they ignore.
>
> So your lack of memory of iOS doing what it does is rather revealing.
>
So you claim that for more approximately 4 years, you had an iPad that
you've just kept for "testing"...
...but you also claim you've gone to the Apple Store with physical proof
of identification to get that same iPad unlocked.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
