What would happen if a government issues a subpoena for the passkeys stored in say, iCloud in this case? Would not that makes it easier for them to have access to an individual's private communications, for example?
> What would happen if a government issues a subpoena for the passkeys stored in say, iCloud in this case?
From [1], "Keychain items are transferred from device to device, travelling through Apple servers, but are encrypted in such a way that Apple and other devices can’t read their contents."
Apple doesn’t copy over your private key, if you don’t have something interesting. But if you do have something interesting, then governments could ask, I request that you copy over the private keys for these individuals with 2 weeks, and not disclose this request. Of course, iOS is closed source and users will never know.
It’s access on demand when needed. It can be done with or without passkeys, but the statements that Apple doesn’t have your passkey is inaccurate.
>> Once created, the passkey can be stored in iCloud’s Keychain and synced across multiple devices—meaning your passkeys will be available on your iPad and MacBook without any extra work.
So apparently you can transfer a passkey from device to device through cloud.
From [1], "Keychain items are transferred from device to device, travelling through Apple servers, but are encrypted in such a way that Apple and other devices can’t read their contents."
[1] https://support.apple.com/en-gb/guide/security/sec1c89c6f3b/...