I.e. if using Advanced Data Protection for end-to-end encryption for all iCloud stored data (a feature expected to be available before end of year 2022), will the DEVONthink CloudKit sync encryption key be redundant? Explicitly: if leaving the CloudKit encryption key field blank, will the data still be end-to-end encrypted as part of the new Apple policy (assuming Advanced Data Protection is turned on)?
This is a sea change in terms of encryption policy and will affect, potentially, all third-party apps using CloudKit. It’s very much worth knowing what the details are in this situation.
“End-to-End encryption” could well mean “encryption before it leaves the machine and decryption after it arrives in iCloud”. So just “encryption in transit”. In that case, it shouldn’t influence other apps. If Apple has done it right. Which remains to be seen. I’m not overly confident, given their record in network programming.
I may have misunderstood something (quite likely), but their announcement is for iCloud, not CloudKit. CloudKit runs separately and already offers end-to-end encryption via the encryption key. It isn’t mentioned in this update.
I’m not sure if “iCloud” is the product name here or the name of the underlying technology. But afaik, the original iCloud technology is more or less phased out and iCloud (the product) is running predominantly on CloudKit.
Currently, your DTTG iCloud backup can be accessed by anyone that Apple provides the key to. With the new “Advanced Data Protection” turned on, that will no longer be the case: the key is only on your device(s).