Hi Halil, I implemented this feature on Signal iOS and can confirm that messages are end-to-end encrypted.
1) The iPhone registers for push notifications. 2) When a message arrives, and the app is not in the foreground, a push notification is sent (it is constant size) and contains no metadata on sender or even encrypted content. 3) When the iPhone gets that push notification, it doesn’t display anything to the user but open a socket in the background to the Whisper Systems web socket to fetch the message payload. Decrypts it. Checks the user’s notification display style preference. And shows relevant information. So to sum up, APNS is just used as a “wake-up” signal to tell the recipient’s phone that a message is available. Best, Frederic > On 23 Feb 2016, at 13:40, Halil Kemal Taşkın <[email protected]> wrote: > > Hi Trevor, > > Then just to clarify things, please kindly check the attached screenshot of > my iPhone. I want to figure out what I am missing? > > To test the system, my friend Murat wrote me a message: "This message should > be encrypted.". > > And the message itself is directly shown in the notification as you can check > from the screenshot. This is actually what I want to point out. > > If you are familiar with mobile development and push notification services, > this means, the message travelled through Signal's app server's push handler > and Apple APNS as plaintext. > > Screenshot: > https://www.dropbox.com/s/euy5a98v0ej9jyb/SignalNotification.png?dl=0 > <https://www.dropbox.com/s/euy5a98v0ej9jyb/SignalNotification.png?dl=0> > > Regards, > Halil Kemal TASKIN. > > > 23 Şub 2016 tarihinde 11:51 saatinde, Trevor Perrin <[email protected] > <mailto:[email protected]>> şunları yazdı: > >> On Tue, Feb 23, 2016 at 1:41 AM, Halil Kemal Taşkın <[email protected] >> <mailto:[email protected]>> wrote: >>> But your message is also sent in plaintext for push notification issues. >> >> Hi Halil, >> >> Your description is wrong - Signal works as Raphael describes. >> Plaintext content for encrypted messages is not sent through push >> services. >> >> Trevor > _______________________________________________ > Messaging mailing list > [email protected] > https://moderncrypto.org/mailman/listinfo/messaging
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
