Re: Transparent column encryption
От | Peter Eisentraut |
---|---|
Тема | Re: Transparent column encryption |
Дата | |
Msg-id | edb5eb1f-5818-5521-537d-20cf7f470742@enterprisedb.com обсуждение исходный текст |
Ответ на | Re: Transparent column encryption (Peter Eisentraut <peter.eisentraut@enterprisedb.com>) |
Ответы |
Re: Transparent column encryption
|
Список | pgsql-hackers |
Here is an updated patch. I mainly spent time on adding a full set of DDL commands for the keys. This made the patch very bulky now, but there is not really anything surprising in there. It probably needs another check of permission handling etc., but it's got everything there to try it out. Along with the DDL commands, the pg_dump side is now fully implemented. Secondly, I isolated the protocol changes into a protocol extension with the name _pq_.column_encryption. So by default there are no protocol changes and this feature is disabled. AFAICT, we haven't actually ever used the _pq_ protocol extension mechanism, so it would be good to review whether this was done here in the intended way. At this point, the patch is sort of feature complete, meaning it has all the concepts, commands, and interfaces that I had in mind. I have a long list of things to recheck and tighten up, based on earlier feedback and some things I found along the way. But I don't currently plan any more major architectural or design changes, pending feedback. (Also, the patch is now very big, so anything additional might be better for a future separate patch.)
Вложения
В списке pgsql-hackers по дате отправления: