Hi, I’m interested in security. I read that before data is sent to the server, it is encrypted on the local PC. This is fine. But the private key is stored on a server with which data can be decrypted. How secure is this, no one has access to these private keys?
I suppose there is another certificate on the server (about 4KB RSA) with which these private user keys are encrypted. But again, someone could get this private server certificate (even if it was a stupid employee) and decrypt private keys and then data with them.
How does this work?
Thank you for answer.