No. We’ve come up with a process for sharing files that let’s us act like something of a blind middle-man. Here’s how it works:
Next, as you upload files the client encrypts each file using OpenPGP along with the derived OpenPGP pass phrase from the last step. Lastly, once you’re finished, the client shows you a link that you manually email to your recipients so they can access the files. The important part is that the Client Secret, which we don’t know, is included in the download link as a Fragment Identifier (the part of the URL that follows a hash tag). The reason this is important is that Fragment Identifiers, while part of a URL, don’t ever get sent to the server when the link gets clicked. What this means is that when you send someone the link and they click on it, the Client Secret doesn’t get sent to us. The user’s browser, however, DOES see the Fragment Identifier. This means that when the client loads to decrypt the files, it can read the Client Secret and recalculate the decryption key needed to read the files!