Despite the security advantages of the new client-side (End-to-End) encryption feature there is another major benefit: It theoretically takes the workload of encrypting and decrypting files from the server to the client. This becomes more important when running Nextcloud on weaker hardware such as a Raspberry Pi.
Unfortunately at the moment it is not possible to enable client-side encryption without activating server-side encryption first (which can not be disabled again easily).
As far as I understand, this causes all new files to be encrypted by the server. Only those files which are stored in secure folders, are being encrypted by the client (after enabling the CSE feature).
I wish client-side and server-side encryption could be managed separately. Is there any real reason why these two features must be connected?