Re: Moving forward with TDE

Поиск
Список
Период
Сортировка
От Chris Travers
Тема Re: Moving forward with TDE
Дата
Msg-id 170279465004.2631682.1886882000695050104.pgcf@coridan.postgresql.org
обсуждение исходный текст
Ответ на Re: Moving forward with TDE [PATCH v3]  (David Christensen <david.christensen@crunchydata.com>)
Ответы Re: Moving forward with TDE  (Bruce Momjian <bruce@momjian.us>)
Список pgsql-hackers
Дерево обсуждения 
Hi,

I was re-reading the patches here  and there was one thing I didn't understand.

There are provisions for a separation of data encryption keys for primary and replica I see, and these share a single
WALkey.
 

But if I am setting up a replica from the primary, and the primary is already encrypted, then do these forceably share
thesame data encrypting keys?  Is there a need to have (possibly in a follow-up patch) an ability to decrypt and
re-encryptin pg_basebackup (which would need access to both keys) or is this handled already and I just missed it?
 

Best Wishes,
Chris Travers

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Alexander Lakhin
Дата:
Сообщение: Re: [PoC] pg_upgrade: allow to upgrade publisher node
Следующее
От: Andy Fan
Дата:
Сообщение: Re: Is a clearer memory lifespan for outerTuple and innerTuple useful?