I think my original master key for the E2EE is compromised. So how can I prevent someone from being able to read the notes because he got the passphrase for the E2EE key? Can I use a new one so the old one isn’t working anymore? Can I delete the old master key when using a new one? I did not find anything in Joplin concerning that problem. I set the new key active (enable/disable encryption), but as far as I understood the encryption, I can still use the old key to decrypt the notes.
This seems like it might make a mess of things. What if one wanted to avoid syncing all their notes in plain-text to the sync target? (For instance, when Joplin deletes a note via WebDav in NextCloud, the notes are moved to trash, not deleted immediately. And who knows where else they might end up in plain-text.)
To avoid this, maybe one could disable encryption, wipe the remote storage completely and start over with a new key?
Off the top of my head, I'm not 100% sure what the other Joplin devices would do if their sync target suddenly has its content completely changed, but my guess is it would work as expected. (Just would take a looong while, if you have more than 10 notes.)
Right, it’s true it would be best not to reupload everything non-encrypted. Although I didn’t try, in theory if you disable encryption, and then re-enable it right away, it should mark all the notes for sync and reupload everything encrypted with the new master key.
To be safe, make a backup of your notes to JEX first.
Wouldn’t it be a good idea that I can delete an old masterkey after assigning and encrypting the notes with a new key?
In the meantime I decrypted and encrypted with a new key; on another PC the old key was still marked active, although I also must decrypt the notes with the new key. I then again decrypted and encrypted with the same key and now I got three keys, but the right one is marked active. Weird.