mlaga97
I think shared hosting there is more meant to refer to the older “upload your files in webmin and we’ll shove them in /cgi-bin/ with everybody else’s”-style hosting where multiple users sites are running on a single instance of a webserver versus a VPS giving you a VM with SSH access?
Where the metadata goes I think is important as well.
All Signal metadata necessarily goes through Signal’s servers and is tied to your phone number, but not all Matrix metadata ever gets near the Matrix.org if you are using a different homeserver.
I think both are less than ideal in that regard, and I think Briar (strictly P2P) has a much better model for dealing with this at the expense of generally being a UX disaster.
The server software appears to be available and updated now, which they’ve been spotty about in the past. I’ve updated to remove the closed-source part since that is not correct.
As for phone number: Signal still requires me to enter a phone number to create an account as of about 5 minutes ago.
Signal is centralized, closed-source, not-selfhostable (edit: in any meaningful way) and requires being attached to a phone number. (Edit: server source is available, but self-hosting requires recompiling and distributing a custom app to all of your contacts to actually use it.)
Matrix is decentralized, federated, fully open source with multiple client and server implementations, self-hostable, and does not require being attached to a phone number.
Possibly not relevant to your use case, but one point that I haven’t seen mentioned yet is that for many SUVs that are available in both FWD and AWD, the tow rating will be significantly higher for the AWD version (like 5000lbs vs 3500lbs for FWD in the case of the Toyota Highlander and Honda Pilot)
If you are dead set on a specifically certificate-backed access control scheme, a VPN with the ability to use the hardware-backed certificate store (such as OpenVPN) is likely easier to set up as it is better supported on mobile devices and doesn’t require application-level support (i.e. everything is protected, not just the apps w/ mTLS support)
https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-android-keychain/