Home > mailing lists

Re: Transparent column encryption - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Transparent column encryption
Date	February 28, 2023 23:28:38
Msg-id	47e17f03-6595-6c09-8978-7a1581cad6f2@enterprisedb.com Whole thread Raw
In response to	Re: Transparent column encryption (Peter Eisentraut <peter.eisentraut@enterprisedb.com>)
Responses	Re: Transparent column encryption
List	pgsql-hackers

Tree view

On 22.02.23 11:25, Peter Eisentraut wrote:
> Other changes since v15:
> 
> - CEKs and CMKs now have USAGE privileges.  (There are some TODO markers 
> where I got too bored with boilerplate.  I will fill those in, but the 
> idea should be clear.)

New patch.  The above is all filled in now.

I also figured we need support in the DISCARD command to clear the 
session state of what keys have already been sent, for the benefit of 
connection poolers, so I added an option there.

The only thing left on my list for this whole thing is some syntax in 
psql to force encryption for a parameter.  But that could also be done 
as a separate patch.

Attachment

v17-0001-Automatic-client-side-column-level-encryption.patch

pgsql-hackers by date:

From: Andrew Dunstan
Date: 28 February 2023, 23:26:07
Subject: Re: WIN32 pg_import_system_collations

From: Jeff Davis
Date: 28 February 2023, 23:36:38
Subject: Re: Non-superuser subscription owners

Re: Transparent column encryption - Mailing list pgsql-hackers

Attachment

Previous

Next