Details
-
Suggestion
-
Resolution: Won't Do
-
None
-
None
Description
As of now, end-to-end encryption does not exist for push notifications. It means that every service that is processing them is processing plain text. Transport security between services should protect them from third parties nevertheless.
It will be good if we can ensure that the content of push notifications reaches the iOS / Android devices securely by sending them through a secure path. The client receives a notification through the regular iOS/Android mechanism (but to get the details it connects to HipChat Server directly).