Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Antonin Houska <ah@cybertec.at>
From: Antonin Houska <ah@cybertec.at>
To:
Cc: Masahiko Sawada <sawada.mshk@gmail.com>,
Robert Haas <robertmhaas@gmail.com>,
Haribabu Kommi <kommi.haribabu@gmail.com>,
"Moon,
Insung" <Moon_Insung_i3@lab.ntt.co.jp>,
Ibrar Ahmed <ibrar.ahmad@gmail.com>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2019-03-08T16:38:59Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revamp the WAL record format.
- 2c03216d8311 9.5.0 cited
Antonin Houska <ah@cybertec.at> wrote: > Masahiko Sawada <sawada.mshk@gmail.com> wrote: > > > Agreed. > > > > For the WAL encryption, I wonder if we can have a encryption key > > dedicated for WAL. Regardless of keys of tables and indexes all WAL > > are encrypted with the WAL key. During the recovery the startup > > process decrypts WAL and applies it, and then the table data will be > > encrypted with its table key when flushing. So we just control the > > scope of encryption object: WAL of tables and indexes etc or > > everything. > > My point of view is that different key usually means different user. The user > who can decrypt WAL can effectively see all the data, even though another user > put them (encrypted with another key) into tables. So in this case, different > keys don't really separate users in terms of data access. Please ignore what I said here. You probably meant that the WAL is both encrypted and decrypted using the same (dedicated) key. -- Antonin Houska https://www.cybertec-postgresql.com