Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Tomas Vondra <tomas.vondra@2ndquadrant.com>
Cc: Joe Conway <mail@joeconway.com>, Bruce Momjian <bruce@momjian.us>, Masahiko Sawada <sawada.mshk@gmail.com>, Robert Haas <robertmhaas@gmail.com>, Antonin Houska <ah@cybertec.at>, Haribabu Kommi <kommi.haribabu@gmail.com>, "Moon, Insung" <Moon_Insung_i3@lab.ntt.co.jp>, Ibrar Ahmed <ibrar.ahmad@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2019-06-17T14:33:11Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revamp the WAL record format.
- 2c03216d8311 9.5.0 cited
Greetings, * Tomas Vondra (tomas.vondra@2ndquadrant.com) wrote: > In any case, if we end up with a more complex/advanced design, I've > already voiced my opinion that binding the keys to tablespaces is the > wrong abstraction, and I think we'll regret it eventually. For example, > why have we invented publications instead of using tablespaces? I would certainly hope that we don't stop at tablespaces, they just seem like a much simpler piece to bite off piece than going to table-level right off, and they make sense for some environments where there's a relatively small number of levels of separation, which are already being segregated into different filesystems (or at least directories) for the same reason that you want different encryption keys. Thanks, Stephen