Home > mailing lists

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

From	Joe Conway
Subject	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)
Date	June 17, 2019 15:29:02
Msg-id	f4d296c6-1a57-1e9f-2347-7796aa7e57d7@joeconway.com Whole thread Raw
In response to	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) (Stephen Frost <sfrost@snowman.net>)
Responses	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)
List	pgsql-hackers

Tree view

On 6/17/19 8:12 AM, Stephen Frost wrote:
>> But there's about 0% chance we'll get that in v1, of course, so we need
>> s "minimum viable product" to build on anyway.
> 
> There seems like a whole lot of space between something very elaborate
> and only supporting one key.

I think this is exactly the point -- IMHO one key per tablespace is a
nice and very sensible compromise. I can imagine all kinds of more
complex things that would be "nice to have" but that gets us most of the
flexibility needed with minimal additional complexity.

Joe

-- 
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development

pgsql-hackers by date:

From: Antonin Houska
Date: 17 June 2019, 15:19:30
Subject: pg_log_fatal vs pg_log_error

From: Masahiko Sawada
Date: 17 June 2019, 15:29:44
Subject: Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers

Previous

Next