On 16.12.21 05:47, Greg Stark wrote:
>> In the server, the encrypted datums are stored in types called
>> encryptedr and encryptedd (for randomized and deterministic
>> encryption). These are essentially cousins of bytea.
>
> Does that mean someone could go in with psql and select out the data
> without any keys and just get a raw bytea-like representation? That
> seems like a natural and useful thing to be able to do. For example to
> allow dumping a table and loading it elsewhere and transferring keys
> through some other channel (perhaps only as needed).
Yes to all of that.
