Add end-to-end encryption

[dineiar]

Some self-hosted photo libraries offer end-to-end encryption (e.g., Ente), while others store photos unencrypted (e.g., Immich).

This may be considered an asset (enhanced privacy) or an issue (the server is unable to see/read photos, so most features must be done in the client, for example face detection).

At least to me, this is an important thing to consider when choosing a photo library.

[meichthys]

Is this the same as #68 or is this more nuanced?

[dineiar]

Yes, it seems to be the same. I apologize for not being able to find it in my search before opening this one.

Even though I believe the title of the linked issue is a bit misleading: from my understanding, encryption for data at storage may be implemented in different ways (e.g., the server may hold all the encryption keys), while end-to-end encryption (e2ee) strictly implies the client to hold the keys. However, reading the linked issue in Immich repo and the discussion in #68, it is clear that it actually refers to e2ee.

I will close this issue.

[meichthys]

Thanks for the additional clarifications. I may go ahead and implement this at some point, but it just takes time to test everything.