Feature request: Message self destruct

[mattdale77]

Would it be possible to add a self destruct element to secure messages? So that you can set them to remove themselves from a recipients phone after X number of minutes/hours/days?
Perhaps this could be either after it is read or after it is received.
Perhaps local deletion of messages in a conversation could ask if you want the remote version removed as well.

[sagischwarz]

The thing is that TextSecure is open source, so everybody can build its own client, which just can ignore the delete request from the server, so you cannot enforce it. Also, I think many people (including myself) do not like the notion that some server deletes content from their device.

[mattdale77]

While that may be true in reality most people will use the TextSecure app. I'm imagining protection again a friend losing or having their phone stolen. Perhaps a TTL in the message itself so there is no server interaction?
For the deletion of existing messages a request to edit the TTL for that part of the message? Again, p2p so no server interaction

[JavaJens]

Wouldn't the content encryption protect against a lost phone?
Plus most phones have remote wipe and I have a to agree with @sagischwarz I
don't like an app deleting my messages.

[mattdale77]

If the phone is off then yes, the content encryption would protect it all. However it could be on and cached. Or someone could be forced to type their password.

Perhaps a self destruct timeout in a conversation would have to be confirmed by the recipient so both parties agree that it is not a problem to remove messages after a time. That way you still have control locally but can service the senders request to remove messages after a time automatically

[tinloaf]

This is basically a duplicate of #1764 - this one is older, but the other one has more comments.

[moxie0]

Thanks @tinloaf , closing to consolidate into #1764