Re: Transparent column encryption

Here is an updated patch that resolves some merge conflicts; no 
functionality changes over v6.

On 30.08.22 13:35, Peter Eisentraut wrote:
> Here is an updated patch.
> 
> I mainly spent time on adding a full set of DDL commands for the keys. 
> This made the patch very bulky now, but there is not really anything 
> surprising in there.  It probably needs another check of permission 
> handling etc., but it's got everything there to try it out.  Along with 
> the DDL commands, the pg_dump side is now fully implemented.
> 
> Secondly, I isolated the protocol changes into a protocol extension with 
> the name _pq_.column_encryption.  So by default there are no protocol 
> changes and this feature is disabled.  AFAICT, we haven't actually ever 
> used the _pq_ protocol extension mechanism, so it would be good to 
> review whether this was done here in the intended way.
> 
> At this point, the patch is sort of feature complete, meaning it has all 
> the concepts, commands, and interfaces that I had in mind.  I have a 
> long list of things to recheck and tighten up, based on earlier feedback 
> and some things I found along the way.  But I don't currently plan any 
> more major architectural or design changes, pending feedback.  (Also, 
> the patch is now very big, so anything additional might be better for a 
> future separate patch.)