Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Chris Howard <chris@elfpen.com>
From: Chris Howard <chris@elfpen.com>
To: pgsql-hackers@lists.postgresql.org
Date: 2019-03-04T18:03:33Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revamp the WAL record format.
- 2c03216d8311 9.5.0 cited
Or on your laptop On 3/4/19 11:55 AM, Laurenz Albe wrote: > Masahiko Sawada wrote: >> Why do people want to just encrypt everything? For satisfying some >> security compliance? > I'd say that TDE primarily protects you from masked ninjas that > break into your server room and rip out the disks with your database > on them. > > Or from people stealing your file system backups that you leave > lying around in public. > > My guess is that this requirement almost always comes from security > departments that don't know a lot about the typical security threats > that databases face, or (worse) from lawmakers. > > And these are probably the people who will insist that *everything* > is encrypted, even your commit log (unencrypted log? everyone can > read the commits?). > > Yours, > Laurenz Albe > > > >