Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?

On 5/18/23 12:54, Rob Sargent wrote:
> On 5/18/23 11:49, Ron wrote:
>> On 5/18/23 10:54, Stephen Frost wrote:
>>> Greetings,
>>>
>>> * Tony Xu (tony(dot)xu(at)rubrik(dot)com) wrote:
>>>> The FAQ (copied below) mentioned that native transparent data encryption
>>>> might be included in 16. Is it fair to assume that it will support database
>>>> level encryption, that is, we can use two encryption keys for two databases
>>>> in the same server, respectively? How can one verify that?
>>> The current work to include TDE in PG isn't contemplating a per-database
>>> key option. What's the use-case for that? Why do you feel that you'd
>>> need two independent keys?
>>
>> I don't /feel/ that key-per-database us useful; I /know/ that
>> key-per-database is useful, since the databases can be different projects
>> for different companies.  Each wants it's own encryption key so that no
>> one else can get to their at-rest data.
>>
>> (pg_dump files will automatically be encrypted, right?)
>>
>> --
>> Born in Arizona, moved to Babylonia.
> Ron, this sounds like a revenue opportunity:  "Oh you want your own key,
> well then we'll have to spin up another server just for you so you're all
> separate and special-like.  Way more secure that way."

We need to keep costs down, too.

Oracle (I think) does it at the DB level, and so does SQL Server. Upper
Management hears us say "sorry, no can do" and wonders what bunch of
amateurs are developing PostgreSQL.

--
Born in Arizona, moved to Babylonia.