| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Transparent column encryption |
| Date: | 2023-02-28 20:28:38 |
| Message-ID: | 47e17f03-6595-6c09-8978-7a1581cad6f2@enterprisedb.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 22.02.23 11:25, Peter Eisentraut wrote:
> Other changes since v15:
>
> - CEKs and CMKs now have USAGE privileges. (There are some TODO markers
> where I got too bored with boilerplate. I will fill those in, but the
> idea should be clear.)
New patch. The above is all filled in now.
I also figured we need support in the DISCARD command to clear the
session state of what keys have already been sent, for the benefit of
connection poolers, so I added an option there.
The only thing left on my list for this whole thing is some syntax in
psql to force encryption for a parameter. But that could also be done
as a separate patch.
| Attachment | Content-Type | Size |
|---|---|---|
| v17-0001-Automatic-client-side-column-level-encryption.patch | text/plain | 464.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2023-02-28 20:36:38 | Re: Non-superuser subscription owners |
| Previous Message | Andrew Dunstan | 2023-02-28 20:26:07 | Re: WIN32 pg_import_system_collations |