• rcbrk
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    Regarding encryption of the push message, from https://unifiedpush.org/developers/spec/android/ :

    Push message: This is an array of bytes (ByteArray) sent by the application server to the push server. The distributor sends this message to the end user application. It MUST be the raw POST data received by the push server (or the rewrite proxy if present). The message MUST be an encrypted content that follows RFC8291. Its size is between 1 and 4096 bytes (inclusive).

    • Kalcifer@sh.itjust.worksOP
      link
      fedilink
      arrow-up
      1
      ·
      1 month ago

      What’s interesting, and is confusing me about this, is that Ntfy does not adhere to this [1]. I’m not sure how this can be.

      References
      1. “End-to-end encryption (E2E) between clients (Android app, CLI, web app)”. binwiederhier. ntfy/binwiederhier. GitHub. Published: 2021-12-29T02:07:36Z. Accessed: 2024-11-22T05:04Z. https://github.com/binwiederhier/ntfy/issues/69.
      • rcbrk
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        It doesn’t matter. Even if the ntfy message was plaintext, that plaintext content would be a UnifiedPush “Push message” which is the RFC8291-encrypted raw POST data.

        • Kalcifer@sh.itjust.worksOP
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 month ago

          So, for example, if one were to register Unified Push notifications with Matrix using Ntfy, the creation of the encrypted Unified Push notifications would be done by the Matrix Unified Push Gateway which then gets handed off to Ntfy? Is there a way to confirm that the received notification is indeed encrypted?