| From: | Ron <ronljohnsonjr(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Would PostgreSQL 16 native transparent data encryption support database level encryption? |
| Date: | 2023-05-18 17:49:20 |
| Message-ID: | 08c133e0-b136-ff80-886e-b0d4f621c75c@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 5/18/23 10:54, Stephen Frost wrote:
> Greetings,
>
> * Tony Xu (tony(dot)xu(at)rubrik(dot)com) wrote:
>> The FAQ (copied below) mentioned that native transparent data encryption
>> might be included in 16. Is it fair to assume that it will support database
>> level encryption, that is, we can use two encryption keys for two databases
>> in the same server, respectively? How can one verify that?
> The current work to include TDE in PG isn't contemplating a per-database
> key option. What's the use-case for that? Why do you feel that you'd
> need two independent keys?
I don't /feel/ that key-per-database us useful; I /know/ that
key-per-database is useful, since the databases can be different projects
for different companies. Each wants it's own encryption key so that no one
else can get to their at-rest data.
(pg_dump files will automatically be encrypted, right?)
--
Born in Arizona, moved to Babylonia.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rob Sargent | 2023-05-18 17:54:05 | Re: Would PostgreSQL 16 native transparent data encryption support database level encryption? |
| Previous Message | Adrian Klaver | 2023-05-18 17:41:48 | Re: JSONB operator unanticipated behaviour |