- an extremely-crypto/privacy-aware family who is concerned that although end-to-end encrypted, there is no out-of-band user-validated key exchange (e.g through a digit code or QR-Code) or prior validation (e.g per-key TOFU) of the other party's identity or update to their keys. Which means that theoretically Apple could insert a new key in the user's set (there is a key per user's device for perfect backward/forward secrecy†) anytime to MITM/intercept messages and you would not be able to monitor it††.
† This is obviously defeated by Messages in iCloud (which you can disable) but the iMessage protocol has this built in.
†† Of course if there was some feature like that, Apple could also make such a key hidden in some way because they also control the Messages app code.
