Zoom said that their meeting data is no longer routed through China's servers. That's not what citizenlab's complaint was, and also not what the original poster stated.

>There is the thing that all Zoom keys are kept and maintained in China

Their complaint was about zoom's encryption key generation and distribution practices. The post you linked has nothing about the key distribution scheme zoom needs to implement so they actually have end-to-end encryption.

https://blog.cryptographyengineering.com/2020/04/03/does-zoo...

Without proper encryption, it doesn't matter if all participants in a meeting only connect to zoom servers since you don't know what zoom could be doing inside their network. Are they actually routing data without any storage, or any they storing the data and sending a stream out the back door to interested parties? But with true end-to-end encryption, it doesn't matter what zoom does with the meeting data since only the participants can decrypt it.

Not to mention that for a sufficiently interested actor, they don't need to access zoom's network to intercept a copy of a meeting as it makes its way through the internet to a zoom server. End-to-end encryption also ensures they only get junk.