Comment by arccy
15 days ago
if google were to transfer the keys elsewhere, they would have (temporary) custody of the keys, granting them access, and invalidating the statement.
15 days ago
if google were to transfer the keys elsewhere, they would have (temporary) custody of the keys, granting them access, and invalidating the statement.
My layman’s understanding is that a user’s private key is used to decrypt a random key, which is then used to protect data. Shared files then only require adding key access to that small secret by someone who knows the original key. If one of the original public keys is always one held by authorities, Google never needs to have custody of the private key and can’t access the data themselves making the statement true, but misleading.
> they would have (temporary) custody of the keys
No, they would have had custody of the keys. Meaning it would still be true they cannot (now) access the data.