| From: | "Smith, Peter" <peters(at)fast(dot)au(dot)fujitsu(dot)com> |
|---|---|
| To: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, Joe Conway <mail(at)joeconway(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Antonin Houska <ah(at)cybertec(dot)at>, Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, Ibrar Ahmed <ibrar(dot)ahmad(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | RE: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Date: | 2019-08-13 07:56:47 |
| Message-ID: | 201DD0641B056142AC8C6645EC1B5F62014B8712F0@SYD1217 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, Aug 10, 2019 at 1:19 AM Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> wrote:
> We can of course support "forced" re-encryption, but I think it's acceptable if that's fairly expensive as long as it can be throttled and executed in the background (kinda similar to the patch to enable checksums in the background).
As an alternative way to provide for a "forced" re-encryption couldn't you just run pg_dumpall + psql?
Regards,
--
Peter Smith
Fujitsu Australia
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-08-13 08:04:35 | Re: subscriptionCheck failures on nightjar |
| Previous Message | Masahiko Sawada | 2019-08-13 06:30:44 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |