2018 APNS Changes

Recently I heard rumours that discussions were happening with various MDM vendors about APNS implementations, specifically about changing how things were done at their side of APNS.

(I’m going to get in depth here, so I would HIGHLY recommend looking at Brad Chapman’s JNUC 2017 talk on APNS.)

Short version: the original method MDM servers used to connect to APNS was a binary protocol to “gateway.push.apple.com” and “gateway.sandbox.push.apple.com” on port 2195, with feedback replies received on port 2196. This all uses standard SSL connections.

Brad’s talk mentions a newer APNS connection API that uses HTTP/2. Apple’s own KBs are starting to reference it.

How does this fit in? Well, it looks as though Apple is going to overhaul the connection method between your MDM server and the APNS service. These are the new addresses in the link above: the older ones have disappeared utterly. Now we’re being told to use the following:

Development server: api.development.push.apple.com:443
Production server: api.push.apple.com:443

Note the port change too. The protocol has changed as well: APNS is now entirely HTTP/2.

Now I’m guessing as to why here, but I’m fairly sure this change is purely for additional performance improvements, mostly from multiplexing of requests and responses to avoid the head-of-line blocking issues, header compression, and prioritisation of requests. There are probably some other things in there too.

Reading between the lines, if you have a cloud-based MDM provider then you don’t need to worry, as the work is entirely going to be on them. On the other hand, if you have an on-premises solution then you’re going to have to start the preparation work on your firewalls and other infrastructure so you’re not cut off.

And $deity help you if you’re in a proxied environment. I haven’t seen a proxy yet (excluding SOCKS) that could support HTTP/2 traffic, plus in “high security” environments that do SSL inspection / Deep Packet Inspection / man in the middle snooping this will break APNS spectacularly.
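A pre-flight check for the network path of an on-premises MDM server, as an added example that is not from the original post: it attempts a TLS handshake to the two endpoints listed above, offers only `h2` via ALPN, and classifies the outcome for the firewall or proxy team. The function names and finding labels are made up for this example.

```python
import socket
import ssl

# Endpoints exactly as listed in the post.
ENDPOINTS = [
    ("api.development.push.apple.com", 443),
    ("api.push.apple.com", 443),
]


def classify(alpn, error):
    """Map a probe result to a finding label (labels are this example's own)."""
    if error is not None:
        # Certificate did not chain to the local trust store. This is the
        # usual symptom when an inspection device re-signs the connection
        # with a CA this host does not trust.
        if isinstance(error, ssl.SSLCertVerificationError):
            return "cert-untrusted"
        # Handshake failed for another reason (protocol alert, reset mid-TLS).
        if isinstance(error, ssl.SSLError):
            return "tls-failed"
        # Timeout, refused connection, DNS failure: the path is closed.
        return "blocked"
    # Handshake succeeded; HTTP/2 over TLS is signalled by ALPN "h2".
    # Anything else means something on the path cannot speak HTTP/2.
    return "ok" if alpn == "h2" else "no-http2"


def probe(host, port, timeout=5.0):
    """Handshake with host:port offering only h2; return (alpn, error)."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    ctx.set_alpn_protocols(["h2"])
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.selected_alpn_protocol(), None
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return None, exc


if __name__ == "__main__":
    for host, port in ENDPOINTS:
        alpn, err = probe(host, port)
        print(f"{host}:{port} -> {classify(alpn, err)} ({err or alpn})")
```

Run it from the MDM server itself so the result reflects the same firewall and proxy path the server's APNS traffic will take.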

Winter is coming …