On 24.03.23 19:12, Andres Freund wrote:
>> I thought about this some more. I think we could get rid of attusertypmod
>> and just hardcode it as -1. The idea would be that if you ask for an
>> encrypted column of type, say, varchar(500), the server isn't able to
>> enforce that anyway, so we could just prohibit specifying a nondefault
>> typmod for encrypted columns.
>
> Why not just use typmod for the underlying typmod? It doesn't seem like
> encrypted datums will need that? Or are you using it for something important there?
Yes, the typmod of encrypted types stores the encryption algorithm.
(Also, mixing a type with the typmod of another type is weird in a
variety of ways, so this is a quite clean solution.)