Home > mailing lists

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

From	Alvaro Herrera
Subject	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)
Date	July 10, 2019 00:06:45
Msg-id	20190709210645.GA31339@alvherre.pgsql Whole thread Raw
In response to	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) (Joe Conway <mail@joeconway.com>)
Responses	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) (Tomas Vondra <tomas.vondra@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On 2019-Jul-09, Joe Conway wrote:

> > Ot you could just encrypt them with a different key, and you would not
> > need to make database OID part of the nonce.
> 
> Yeah that was pretty much exactly what I was trying to say above ;-)

So you need to decrypt each file and encrypt again when doing CREATE
DATABASE?

-- 
Álvaro Herrera                https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: Konstantin Knizhnik
Date: 09 July 2019, 23:59:11
Subject: Re: [HACKERS] Cached plans and statement generalization

From: Tomas Vondra
Date: 10 July 2019, 00:12:19
Subject: Re: Optimize partial TOAST decompression

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

Previous

Next