Create arch-level documentation for Qubes backup mechanism

[rootkovska]

Upss, turned out we don't have a developer-level documentation of our backups infrastructure (and call me a conservative, but qubes-devel threads do not count as a documentation!).

Things we should cover:

1. Backup threat models:
   • traditional: backups coming malicious USB/disk/NAS, verified using digital sig
   • paranoid: backups made on a compromised system (upcoming post on this)
2. Implementation (diagram-level description):
   • in Qubes 3.x
   • in Qubes 4.0 (using AdminAPI, will be partly covered in the upcoming post)
3. Backup formats

[andrewdavidwong]

References for anyone who works on this:

• User backup documentation
• qubes-devel thread (original design and technical details of implementation)