| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Antonin Houska <ah(at)cybertec(dot)at>, Robert Haas <robertmhaas(at)gmail(dot)com>, Toshi Harada <harada(dot)toshi(at)po(dot)ntt-tx(dot)co(dot)jp>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: "WIP: Data at rest encryption" patch and, PostgreSQL 11-beta3 |
| Date: | 2019-07-06 02:33:07 |
| Message-ID: | 20190706023307.dt2nh2l42i7ahu4m@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jun 25, 2019 at 02:28:00PM +0200, Peter Eisentraut wrote:
> On 2019-06-17 11:23, Antonin Houska wrote:
> > I'm thinking how to teach postmaster to accept FEBE protocol connections
> > temporarily, just to receive the key. The user applications like pg_ctl,
> > initdb or pg_upgrade would retrieve the key / password from the DBA, then
> > start postmaster and send it the key.
> >
> > Perhaps the message format should be a bit generic so that extensions like
> > this can use it to receive their keys too.
> >
> > (The idea of an unix socket or named pipe I proposed upthread is not good
> > because it's harder to implement in a portable way.)
>
> How are the requirements here different from ssl_passphrase_command?
> Why do we need a new mechanism?
Agreed. My pgcryptokey prompting shell script was mostly a
proof-of-concept.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2019-07-06 03:15:52 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Previous Message | Amit Kapila | 2019-07-06 02:05:27 | Re: POC: Cleaning up orphaned files using undo logs |