In URLSession:task:didReceiveChallenge:completionHandler:, is there a difference between using .proposedCredential vs URLCredential(trust:) of the server trust object in the challenge protection space?

This is to pass back as the second parameter in the completion handler of the delegate method, along with .useCredentials.

Answer received here: https://forums.developer.apple.com/message/361609

Realistically there’s no difference here. For server trust authentication challenges, the system does not actually look at the trust object embedded in the credential you pass to the completion handler; all that matters is that you pass in something.

Having said that, I recommend that you stick on the well-trodden path and construct a new credential. I’m actually quite surprised that proposedCredential is even populated in this case.