Comment by fc417fc802
3 days ago
Well yes, if you hand your keys over that is indeed a problem. Of course handing your keys over to the provider rather defeats the purpose of E2EE so hopefully no one is doing that.
Key escrow is the usual solution to an employer needing access to employee materials.
> Key escrow is the usual solution
Yes, and you move the problem to "is the entity/process/whatever handling key escrow under US jurisdiction"?
Yes, obviously, but key (/account/identity/etc) management is typically a much narrower and well defined problem to solve and in many cases it will already have been solved (centralized management of user accounts, employee ID cards that contain physical tokens, and other such things).