> I guess there's also the problem of how to let a new joiner view previous messages. Can that be done with e2e encryption?
Of course. Share the key with a new joiner. Probably should be an option for admin, whether he wants to share (share the key) or does not want to share (generate new key and use it since that moment, old clients still remember old keys and can decrypt things).
Granted, I don't know much about encryption, end-to-end messaging, or otherwise, but it seems like a Very Hard Problem to solve for something like Slack.
> it seems like a Very Hard Problem to solve for something like Slack.
There are plenty of messengers with E2E encryption and group chats with working search. Sure, it's not a straightforward task and server-side handling of search and other functions makes everything much easier, but I don't think that it's impossible task.
Though I'm not sure if demand is big enough. I would think that just self-hosting slack would be preferable for many organizations.
Honest question - how does this work across thousands of employees, some of which are almost guaranteed to be bad-actors at one point? Or is that just not a problem that's trying to be solved? What are the impacts if someone leaks that?
> There are plenty of messengers with E2E encryption and group chats with working search.
I don't know - are they on the (user) scale of Slack? How many people can you add to a group in WhatsApp or iMessage? (I honestly don't know, but I would suspect Slack lets you have more people in a 'group' than them).
Again, I have only a very cursory knowledge of how iMessage does E2E encryption. Obviously Slack would need to choose a different approach, but I wouldn't look at other messaging apps for examples.
Unless the channels you’re on amount to at least one Bible-length document per day and you’re trying to index multiple years of content, the storage requirements for an index aren’t going to be a problem.
Yes, that could be done with e2e encryption. Typically a setup would use one secret key for crypting one (set of) message(s) and that key would be encrypted in a way that all authorized users can decrypt it. A new user then only needs access to the group key, which can be done cheaply (by anybody with access to the group key and all user's public keys)
I guess there's also the problem of how to let a new joiner view previous messages. Can that be done with e2e encryption?