Comment on Photo management - storing friends' photos
Cyber@feddit.uk 2 weeks agoI commented elsewhere here, but E2E encryption is just between the server and the end user (ie a VPN)
You’re thinking about encryption at rest, on the storage.
Immich would have to setup a whole new design to be able to store all the metadata on a per-user basis… but… you could have multiple Immich instances if you were to host it for your friends, but I think we’re drifting into “why bother” now…
chaospatterns@lemmy.world 1 week ago
Encryption at rest just means the data itself is encrypted when stored on disk and the key is somewhere. It doesn’t dictate that the key is not visible to the server.
Encryption in transit refers to an encrypted channel from client to server.
E2E encryption usually refers to encryption from one entity to another where any intermediary servers do not have the ability to decrypt
Source: too many years doing application security at my job