Re: Enquiry about TDE with PgSQL

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: "Clay Jackson (cjackson)" <Clay.Jackson@quest.com>
Cc: Christophe Pettus <xof@thebuild.com>, pgsql-general <pgsql-general@postgresql.org>, Kai Wagner <kai.wagner@percona.com>, Laurenz Albe <laurenz.albe@cybertec.at>, Ron Johnson <ronljohnsonjr@gmail.com>
Date: 2025-11-01T00:33:49Z
Lists: pgsql-general
On Sat, Nov  1, 2025 at 12:24:25AM +0000, Clay Jackson (cjackson) wrote:
> I can't disagree - but the question them becomes, as Markus and
> other have pointed out; would that allow a customer/user to check the
> "Encryption" box for PCI or any other "compliance review"

I think so.  It says storage encryption is insufficient, but it doesn't
say client-side column-level encryption is insufficient.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Do not let urgent matters crowd out time for investment in the future.