As discussed in the previous chapter, the keychain is known as a way to centrally store and manage credentials and other secret data that are in use by applications on the behalf of the user, carried over from OS X. There is also the concept of a keybag, which in practice is a grouping of secrets (or more practically, keys) that allow the system to manage the moving parts around specific interactions. Besides, when used by the system itself to manage the encryption of the data, these deal with primarily when a backup will run either over Wi-Fi to iTunes, when tethered by USB to iTunes, or while the device is plugged into a power source and locked as a requirement to send to iCloud Backup.

Explaining keybags as a concept is a minor point, but there has been terminology confusion regarding things such as the securing of apps with digital rights management and the use of the keychain, neither of which are directly related. To summarize, keybags are an abstraction for secrets...