I understand with encryption (end-2-end). I can not understand where to store the keys or key. Found the library https://framework.zend.com/blog/2016-08-19-end-to-end-encryption.html

but it says that the key should be stored in a session, which is not safe (I think so).

Is it possible to store end-to-end in general in a web application? If you can then where to keep the keys?

  • why are sessions not secure? why do you think so? - Manitikyl
  • Well, because the developer has access to the session and can take the key from there, or am I wrong? - gudfar
  • It means that only clients should have keys, bypassing the server? - MAX
  • Yes, I would like that) - gudfar
  • Oh, I see. Krch guy right now телеграм №2 will do, then because of him again RKN half of the Internet (ipov) block. Do not help the guy save the Internet. - Manitikyl

0