Home > mailing lists

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)
Date	July 12, 2019 04:52:19
Msg-id	20190712015219.uo7ll3b6fj46ay4e@momjian.us Whole thread Raw
In response to	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) (Bruce Momjian <bruce@momjian.us>)
List	pgsql-hackers

Tree view

On Thu, Jul 11, 2019 at 06:37:41PM -0400, Bruce Momjian wrote:
> wal_log_hints will be enabled automatically in encryption mode, like we
> do for checksum mode, so we never encrypt different 8k pages with the
> same IV.

Checksum mode can be enabled in encrypted clusters to detect modified
data, since the checksum is encrypted.  The WAL already has checksums.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

pgsql-hackers by date:

From: Peter Geoghegan
Date: 12 July 2019, 04:47:14
Subject: Re: [HACKERS] [WIP] Effective storage of duplicates in B-tree index.

From: Kyotaro Horiguchi
Date: 12 July 2019, 06:15:29
Subject: Comment fix of config_default.pl

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

Previous

Next