[skybrian]

It’s not end-to-end, but that seems a bit exaggerated. An organization will still want encryption in transit, encryption at rest for its archive, and good access control.

[tptacek]

In secure messaging as a cryptographic discipline, this is like saying you don't want secure messaging. Secure messaging is end-to-end secure, and the basic core threat modeling of a secure messaging service includes adversaries who defeat transit-only encryption.

All this is to say: it's unremarkable to me that the Signal compliance fork government officials are using, which is premised on the capability of archiving messages, defeats secure messaging. That's literally what it's for.

[ethbr1]

Hypothetically, wouldn't the best Signal archiving be to make the custom client auto-add an archiving "user" to all chats, with that user only connected from secure archiving machines? Then convert archive user client text to whatever government encrypted form on that machine for long term storage?

Curious what the best way of archiving with Signal's security model would be.

[tptacek]

There's a reason Signal doesn't archive, and you have to fork it to make that happen.

[throwaway2557]

My stock, unmodified Signal app does archive: Settings > Chats > Chat backups.

[ethbr1]

"a reason"?

[skybrian]

Secure group chat is possible. If saving messages to an archive is what you want, Why isn’t the archive just another endpoint to deliver messages to?

The threat model would cover the risk of intercepting messages on the way to the archive and unauthorized access to the archive.