Comment by I_am_tiberius
9 hours ago
Ah ok. I guess that means when a user leaves the team, you have to re-encrypt the codebase with a new symetric key (as the user would still know the old symetric key)?
9 hours ago
Ah ok. I guess that means when a user leaves the team, you have to re-encrypt the codebase with a new symetric key (as the user would still know the old symetric key)?
Depending on the threat model you want to protect against, yes. For example, although a revoked user doesn't have direct access to data anymore, they could technically collude with us to get future encrypted messages and then decrypt them. At the moment rekeying is only possible by exporting a workspace, changing its key (with a command line tool), and then reimporting it.
I didn't want to sidetrack you with this. I just wanted to know if I understood correctly. I believe this is nothing you need to worry about at this time. Thanks.