Re: Key management with tests
Bruce Momjian <bruce@momjian.us>
From: Bruce Momjian <bruce@momjian.us>
To: Masahiko Sawada <sawada.mshk@gmail.com>
Cc: Tom Kincaid <tomjohnkincaid@gmail.com>, Robert Haas <robertmhaas@gmail.com>, Alvaro Herrera <alvherre@alvh.no-ip.org>, Andres Freund <andres@anarazel.de>, Amit Kapila <amit.kapila16@gmail.com>, Thomas Munro <thomas.munro@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>, Stephen Frost <sfrost@snowman.net>, Masahiko Sawada <masahiko.sawada@2ndquadrant.com>
Date: 2021-02-01T22:16:11Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Rethink method for assigning OIDs to the template0 and postgres DBs.
- 2cb1272445d2 15.0 landed
-
pg_upgrade: Preserve database OIDs.
- aa01051418f1 15.0 landed
-
pg_upgrade: Preserve relfilenodes and tablespace OIDs.
- 9a974cbcba00 15.0 landed
-
Fix for new Boolean node
- cf925936ecc0 15.0 cited
-
Improve error handling of HMAC computations
- 5513dc6a304d 15.0 cited
-
Add macro RelationIsPermanent() to report relation permanence
- 95d77149c535 14.0 landed
-
Enhance nbtree index tuple deletion.
- d168b666823b 14.0 cited
On Fri, Jan 29, 2021 at 05:05:06PM +0900, Masahiko Sawada wrote: > TBH I’m confused a bit about the recent situation of this patch, but > I Yes, it is easy to get confused. > can contribute to KMS work by discussing, writing, reviewing, and > testing the patch. Also, I can work on the data encryption part of TDE Great. > (we need more discussion on that though). If the community concerns > about the high-level design and thinks the design reviews by > cryptography experts are still needed, we would need to do that first > since the data encryption part of TDE depends on KMS. As far as I I totally agree. While we don't need to commit the key management patch to the tree before moving forward, we should have agreement on the key management patch before doing more work on this. If we can't agree on the key management part, there is no value in working further, as I stated in an earlier email. > know, we have done that many times on pgsql-hackers, on offl-line and > including the discussion on the past proposal, etc but given that the > community still has a concern, it seems that we haven’t been able > to share the details of the discussion enough that led to the design > decision or the design is still not good. Honestly, I’m not sure how > this feature can get consensus. But maybe we would need to have a Yes, I am also confused. > break from refining the patch now and we need to marshal the > discussions so far and the point behind the design so that everyone > can understand why this feature is designed in that way. To do that, > it might be a good start to sort the wiki page since it has data > encryption part, KMS, and ToDo mixed. What I ended up doing is to moving the majority of the non-data-encryption part of the wiki into the patch, either in docs or README files, since people asked for more of this in the patch, and having the information in two places is confusing. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com The usefulness of a cup is in its emptiness, Bruce Lee