Didn't Apple debunk that debunking themselves in February, when they released the iOS Security doc? [1]
According to Apple, each device's private key is generated locally and never leaves the device, making it impossible to MITM your messages.
From page 20: "For each key pair, the private keys are saved in the device’s keychain and the public keys are sent to Apple’s directory service (IDS), where they are associated with the user’s phone number or email address, along with the device’s APNs address."
That doesn't make it impossible to MITM - Apple still controls the keyserver.
When I ask for nardi's public key, they can give me theirs, I encrypt it with that key and send it. They use their private key to decrypt it, store it, and then encrypt it with your actual public key and forward it along, neither of us any the wiser.
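The substitution described in the reply above, as an added toy simulation that is not part of the thread and not iMessage's actual protocol: an honest key directory beside one that hands out its operator's key and relays, plus the out-of-band fingerprint comparison that exposes the swap. The Diffie-Hellman group (p = 2**127 - 1, generator 3), the XOR stream "cipher", and the identities "alice" and "bob" are constructed stand-ins chosen so the whole thing runs on the standard library.

```python
"""Toy model of a key-directory MITM on an end-to-end messenger and the
out-of-band fingerprint check that detects it.  Constructed example: the
DH group and XOR cipher are stand-ins, not any real messenger's protocol."""
import hashlib
import secrets

# Toy DH group: p = 2**127 - 1 (a Mersenne prime), generator 3.  Far too
# small for real use; it only has to make the arithmetic run offline.
P = 2**127 - 1
G = 3


def keygen():
    """Private key stays on the device; only the public value is published."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short hash a user can read out to a contact over another channel."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def shared_secret(priv, peer_pub):
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


def encrypt(priv, peer_pub, msg: bytes) -> bytes:
    """XOR with a keystream derived from the DH secret; stand-in for an AEAD."""
    key = shared_secret(priv, peer_pub)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(msg) // 32 + 1))
    return bytes(m ^ s for m, s in zip(msg, stream))


decrypt = encrypt  # XOR is its own inverse


class Directory:
    """Honest key server: returns the public key each device published."""
    def __init__(self):
        self.keys = {}

    def publish(self, ident, pub):
        self.keys[ident] = pub

    def lookup(self, ident):
        return self.keys[ident]


class SubstitutingDirectory(Directory):
    """Same interface, but every lookup returns the operator's own key;
    the real keys are kept so traffic can be re-encrypted and forwarded."""
    def __init__(self):
        super().__init__()
        self.priv, self.pub = keygen()
        self.real = {}
        self.captured = []

    def publish(self, ident, pub):
        self.real[ident] = pub
        self.keys[ident] = self.pub

    def relay(self, sender, recipient, ct):
        """Decrypt with the operator key, re-encrypt to the real recipient."""
        pt = decrypt(self.priv, self.real[sender], ct)
        self.captured.append(pt)
        return encrypt(self.priv, self.real[recipient], pt)


def send(directory, my_priv, recipient, msg):
    return encrypt(my_priv, directory.lookup(recipient), msg)


def receive(directory, my_priv, sender, ct):
    return decrypt(my_priv, directory.lookup(sender), ct)


def run(directory):
    """Returns (what Bob reads, whether the fingerprint check passed,
    plaintexts the directory captured)."""
    a_priv, a_pub = keygen()
    b_priv, b_pub = keygen()
    directory.publish("alice", a_pub)
    directory.publish("bob", b_pub)
    ct = send(directory, a_priv, "bob", b"hi bob")
    if isinstance(directory, SubstitutingDirectory):
        ct = directory.relay("alice", "bob", ct)
    pt = receive(directory, b_priv, "alice", ct)
    # Out-of-band check: Alice compares the fingerprint of the key the
    # directory gave her with the one Bob reads off his own device.
    verified = fingerprint(directory.lookup("bob")) == fingerprint(b_pub)
    return pt, verified, getattr(directory, "captured", [])


if __name__ == "__main__":
    print(run(Directory()))              # (b'hi bob', True, [])
    print(run(SubstitutingDirectory()))  # (b'hi bob', False, [b'hi bob'])
```

In both runs Bob reads the plaintext, which is the "neither of us any the wiser" outcome; only the fingerprint comparison, made over a channel the directory does not control, separates the two cases. That is why messengers that let users compare safety numbers, or that publish keys in an auditable transparency log, close the gap that a directory-only design leaves open.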
[1] http://images.apple.com/iphone/business/docs/iOS_Security_Fe...