Our app has certificate pinning but if either the authentication method or the host is different, we just choose to let the system handle the approval of the challenge. Is it possible to ask for an authentication method other than NSURLAuthenticationMethodServerTrust that would get accepted by the system or send a valid 301 response or exploit this in any other way?