Dear Community,
I have a question about the security and encryption of organizations and collections.
If I have understood correctly, the symmetric key of the organization is encrypted with my public key, so that I then receive the organization key and can use it to decrypt the organization. This principle is standard and secure.
What about the collections to which I have or do not have access?
Am I right in assuming that I can in principle decrypt the data of the entire organization and have it available locally and that the client app only filters entries here depending on the authorization? If this is the case, could I (if I could program) patch the client app and in principle display all organization entries - even if I have no authorization?
What happens if I am excluded from an organization or leave it - I had the symmetric key beforehand and could still decrypt the data with this key - or is the organization key changed for all participants when they join or leave?
Many thanks - unfortunately I was unable to find any details on the above in the documentation.