Exactly right -- with a car key, you have full access to the 'encryption technology' architecture.
You know what the key looks like, how it works, how it interacts with the lock to open it.
You just don't have the key. Really, it's the exact same system, exact same point.
Am I mistaken, or did you say you're not familiar with software dev?
Then please explain to me the existance of the OpenSSL library for UNIX users that allows Mozilla to interact with the same HTTPS servers that a proprietary program, Internet Explorer, can interact with. I'd like to hear you're justification for how OpenSSL is not in fact open source encryption software and how PGP is not open encryption since there are open source clones of it such as GPG.
Plus, every self-appointed evangelist of the open source cult offers up their PGP key for supposed "secure" communication purposes to anyone that wants it on their websites.
Oh brother, you really don't know jack about encryption, do you scott? Do you think that a huge block of seemingly random junk is what they type into PGP to decrypt a message or file? Let's ask the magic eight ball: "My sources say no." You see Scott, that is a essentially a scambled key generated by PGP so that another user can encrypt a message using your key without them know what the key's passphrase is. That way Scott, you can get someone's key, encrypt a message and they can decrypt it and only they know what passphrase they used to decrypt your message with.