Home > mailing lists

Re: Transparent Data Encryption (TDE) and encrypted files - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Transparent Data Encryption (TDE) and encrypted files
Date	October 2, 2019 04:39:50
Msg-id	20191002013950.GA28879@momjian.us Whole thread Raw
In response to	Transparent Data Encryption (TDE) and encrypted files (Bruce Momjian <bruce@momjian.us>)
List	pgsql-hackers

Tree view

On Mon, Sep 30, 2019 at 05:26:33PM -0400, Bruce Momjian wrote:
> For full-cluster Transparent Data Encryption (TDE), the current plan is
> to encrypt all heap and index files, WAL, and all pgsql_tmp (work_mem
> overflow).  The plan is:
> 
>     https://wiki.postgresql.org/wiki/Transparent_Data_Encryption#TODO_for_Full-Cluster_Encryption
> 
> We don't see much value to encrypting vm, fsm, pg_xact, pg_multixact, or
> other files.  Is that correct?  Do any other PGDATA files contain user
> data?

Oh, there is also consideration that the pg_replslot directory might
also contain user data.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

pgsql-hackers by date:

From: Thomas Munro
Date: 02 October 2019, 04:33:05
Subject: Re: Peripatus: Can someone look?

From: Larry Rosenman
Date: 02 October 2019, 04:44:38
Subject: Re: Peripatus: Can someone look?

Re: Transparent Data Encryption (TDE) and encrypted files - Mailing list pgsql-hackers

Previous

Next