User Guide

Preface iPhone in the Enterprise 11

Network Security

iPhone and iPod touch support the following 802.11i wireless networking security

standards as defined by the Wi-Fi Alliance:

Â WEP

Â WPA Personal

Â WPA Enterprise

Â WPA2 Personal

Â WPA2 Enterprise

Additionally, iPhone and iPod touch support the following 802.1X authentication

methods for WPA Enterprise and WPA2 Enterprise networks:

Â EAP-TLS

Â EAP -TTLS

Â EAP-FAST

Â EAP-SIM

Â PEAP v0, PEAP v1

Â LEAP

Certificates and Identities

iPhone and iPod touch can use X.509 certificates with RSA keys. The file extensions .cer,

.crt, and .der are recognized. Certificate chain evaluations are performed by Safari, Mail,

VPN, and other applications.

iPhone and iPod touch can use P12 (PKCS #12 standard) files that contain exactly one

identity. The file extensions .p12 and .pfx are recognized. When an identity is installed,

the user is prompted for the passphrase that protects it.

Certificates necessary for establishing the certificate chain to a trusted root certificate

can be installed manually or by using configuration profiles. You don’t need to add root

certificates that are included on the device by Apple. To view a list of the preinstalled

system roots, see the Apple Support article at http://support.apple.com/kb/HT3580.

Certificates can be securely installed over the air via SCEP. See “Overview of the

Authenticated Enrollment and Configuration Process” on page 22 for more information.