This issue was moved to a discussion.

Add push notification end to end encryption #70

Closed
robbiet480 opened this issue Nov 10, 2017 · 7 comments · May be fixed by #1679

Comments

@robbiet480
Member

Allow users to set a key in their HASS config and on the iOS app which would allow the full payload to be encrypted so that we/AWS/Apple wouldn't be able to see what's in it. Would require a notification service extension and probably migration of a lot of server-side code to local. Would also need to expose a bit of metadata still, things like destination device SNS ID, IP of server sending for rate limit purposes, etc.

@cmsimike

I love this idea

@robbiet480
Member Author

Yeah so thinking more about this it's doable but won't be possible for the whole payload since I don't want to ship the APNS/SNS payload builder on clients since that can cause versioning issues if app expects one format but your older HA instance sends something else. So you would be able to encrypt any text, but things like the sound name and category key can't be encrypted. Guess it still provides some value but at lower rewards.

@cmsimike

I am pretty nub when it comes to notifications so apologies if this is just completely incorrect but would it be possible if you ship the APNS/SNS payload builder on clients, but keep each version in the client, so part of the unencrypted payload would be a client APNS/SNS builder version and based on that you can pass the encrypted payload to the correct builder version?

At some point you can start deprecating older versions of hass completely and just remove older builder support from clients at that point.

@robbiet480
Member Author

But.... that sounds like a lot of work :'(

Yes, that is generally the correct way to do such a thing.

@cmsimike

gotcha!

@robbiet480
Member Author

Reopening this as mobile_app added native support for encrypted communication with the app and I am midway through migrating the app to FCM, so now is as good a time as any!

@olbjan
Contributor

olbjan commented Dec 9, 2019

This might be a good use case for Paulus' idea of using a QR code in setup of mobile app. Good way to get a code into the app.
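
An added sketch of the split discussed in this thread (not code from the Home Assistant project or its app): text fields are sealed with a shared key, while sound, category, destination and a builder version stay readable by the relay and are bound to the ciphertext as associated data. AES-256-GCM, the field names and the sample values are assumptions made for this example.

```javascript
const crypto = require('node:crypto');

// Hypothetical split: only user-visible text is sealed. Everything else stays
// readable so the push relay can still route and build the platform payload.
const SECRET_FIELDS = ['title', 'message'];

// Stable serialization of the cleartext part, used as associated data.
function canonical(obj) {
  return JSON.stringify(Object.keys(obj).sort().map((k) => [k, obj[k]]));
}

function sealNotification(key, note) {
  const clear = {};
  const secret = {};
  for (const [k, v] of Object.entries(note)) {
    (SECRET_FIELDS.includes(k) ? secret : clear)[k] = v;
  }
  const iv = crypto.randomBytes(12); // fresh nonce for every notification
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(canonical(clear))); // authenticated, not hidden
  const ct = Buffer.concat([cipher.update(JSON.stringify(secret), 'utf8'), cipher.final()]);
  return {
    clear,
    iv: iv.toString('base64'),
    ct: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
}

function openNotification(key, env, supportedVersions) {
  // The cleartext builder version selects the parser, as suggested in the thread.
  if (!supportedVersions.includes(env.clear.builder_version)) {
    throw new Error('unsupported builder version');
  }
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(env.iv, 'base64'));
  decipher.setAAD(Buffer.from(canonical(env.clear)));
  decipher.setAuthTag(Buffer.from(env.tag, 'base64'));
  // final() throws if the ciphertext or any cleartext field was altered in transit.
  const pt = Buffer.concat([decipher.update(Buffer.from(env.ct, 'base64')), decipher.final()]);
  return { ...env.clear, ...JSON.parse(pt.toString('utf8')) };
}

// Constructed sample: random demo key and made-up notification values.
const demoKey = crypto.randomBytes(32);
const demoEnvelope = sealNotification(demoKey, {
  builder_version: 1, target: 'PLACEHOLDER_DEVICE_ID', sound: 'default',
  category: 'ALARM', title: 'Alarm', message: 'Front door opened',
});
console.log(JSON.stringify(demoEnvelope.clear), openNotification(demoKey, demoEnvelope, [1]).message);
```

Because the cleartext fields are authenticated rather than hidden, a relay that rewrites the sound or category causes decryption to fail on the device instead of silently changing how the notification is presented.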
