You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If we wanted to restrict a sync server's read access to application data (as opposed to the team membership data), we would currently have to create a new role that is only for human members (and ensure that every member was added to it), and encrypt the application data with that role's keys. It might make more sense to separate out the graph keys (for encrypting the team graph) from the team keys (for encrypting data for human members of the team).
Test plan:
Alice uses the team keys to encrypt a message
assert Bob and Charlie can decrypt the message
assert the server can't decrypt the message
The text was updated successfully, but these errors were encountered:
If we wanted to restrict a sync server's read access to application data (as opposed to the team membership data), we would currently have to create a new role that is only for human members (and ensure that every member was added to it), and encrypt the application data with that role's keys. It might make more sense to separate out the graph keys (for encrypting the team graph) from the team keys (for encrypting data for human members of the team).
Test plan:
The text was updated successfully, but these errors were encountered: