| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | Greg Stark <stark(at)mit(dot)edu> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Transparent column encryption |
| Date: | 2021-12-16 11:23:11 |
| Message-ID: | a70e97cc-335f-2aa5-47fc-880db670694e@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 16.12.21 05:47, Greg Stark wrote:
>> In the server, the encrypted datums are stored in types called
>> encryptedr and encryptedd (for randomized and deterministic
>> encryption). These are essentially cousins of bytea.
>
> Does that mean someone could go in with psql and select out the data
> without any keys and just get a raw bytea-like representation? That
> seems like a natural and useful thing to be able to do. For example to
> allow dumping a table and loading it elsewhere and transferring keys
> through some other channel (perhaps only as needed).
Yes to all of that.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | osumi.takamichi@fujitsu.com | 2021-12-16 11:36:46 | RE: Failed transaction statistics to measure the logical replication progress |
| Previous Message | Daniel Gustafsson | 2021-12-16 11:23:08 | Re: pg_upgrade should truncate/remove its logs before running |