Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Joe Conway <mail@joeconway.com>
From: Joe Conway <mail@joeconway.com>
To: Bruce Momjian <bruce@momjian.us>
Cc: Masahiko Sawada <sawada.mshk@gmail.com>,
"Moon, Insung" <Moon_Insung_i3@lab.ntt.co.jp>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2018-06-20T22:08:29Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revamp the WAL record format.
- 2c03216d8311 9.5.0 cited
On 06/20/2018 05:05 PM, Bruce Momjian wrote: > On Mon, Jun 18, 2018 at 08:29:32AM -0400, Joe Conway wrote: >>>> Or >>>> maybe key management is really tied into the separately discussed effort >>>> to create SQL VARIABLEs somehow. >>> >>> Could you elaborate on how key management is tied into SQL VARIABLEs? >> >> Well, the key management probably is not, but the SQL VARIABLE might be >> where the key is stored for use. > > I disagree. I would need to understand how an extension actually helps > here, because it certainly limits flexibility compared to a shell > command. That flexibility the shell command gives you is also a huge hole from a security standpoint. Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development