Re: Would PostgreSQL 16 native transparent data encryption support database level encryption? - Mailing list pgsql-general

From Ron
Subject Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?
Date
Msg-id 08c133e0-b136-ff80-886e-b0d4f621c75c@gmail.com
Whole thread Raw
In response to Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?
List pgsql-general
On 5/18/23 10:54, Stephen Frost wrote:
Greetings,

* Tony Xu (tony.xu@rubrik.com) wrote:
The FAQ (copied below) mentioned that native transparent data encryption
might be included in 16. Is it fair to assume that it will support database
level encryption, that is, we can use two encryption keys for two databases
in the same server, respectively? How can one verify that?
The current work to include TDE in PG isn't contemplating a per-database
key option.  What's the use-case for that?  Why do you feel that you'd
need two independent keys?

I don't feel that key-per-database us useful; I know that key-per-database is useful, since the databases can be different projects for different companies.  Each wants it's own encryption key so that no one else can get to their at-rest data.

(pg_dump files will automatically be encrypted, right?)

--
Born in Arizona, moved to Babylonia.

pgsql-general by date:

Previous
From: Adrian Klaver
Date:
Subject: Re: JSONB operator unanticipated behaviour
Next
From: Rob Sargent
Date:
Subject: Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?