Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?

Ron Johnson <ronljohnsonjr@gmail.com>

From: Ron <ronljohnsonjr@gmail.com>
To: pgsql-general@lists.postgresql.org
Date: 2023-05-18T17:49:20Z
Lists: pgsql-general
On 5/18/23 10:54, Stephen Frost wrote:
> Greetings,
>
> * Tony Xu (tony.xu@rubrik.com) wrote:
>> The FAQ (copied below) mentioned that native transparent data encryption
>> might be included in 16. Is it fair to assume that it will support database
>> level encryption, that is, we can use two encryption keys for two databases
>> in the same server, respectively? How can one verify that?
> The current work to include TDE in PG isn't contemplating a per-database
> key option.  What's the use-case for that?  Why do you feel that you'd
> need two independent keys?

I don't /feel/ that key-per-database us useful; I /know/ that 
key-per-database is useful, since the databases can be different projects 
for different companies.  Each wants it's own encryption key so that no one 
else can get to their at-rest data.

(pg_dump files will automatically be encrypted, right?)

-- 
Born in Arizona, moved to Babylonia.