public inbox for [email protected]  
From: Erik Wienhold <[email protected]>
To: ManiR <[email protected]>
Cc: [email protected]
Subject: Re: Request for cryptographic mechanisms used in PostgreSQL
Date: Tue, 20 Jan 2026 11:51:35 +0100
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAA5LiFbFsaE1qT+iDtRf0769HG7nFuGzPDa9AJwTzEauNK8J=g@mail.gmail.com>
References: <CAA5LiFbFsaE1qT+iDtRf0769HG7nFuGzPDa9AJwTzEauNK8J=g@mail.gmail.com>

On 2026-01-20 10:17 +0100, ManiR wrote:
> As part of a security documentation update, we are preparing a *Cryptographic
> Bill of Materials (CBOM)* to document the cryptographic mechanisms used by
> the services deployed in our environment.
> 
> We would like your guidance on the *cryptographic mechanisms used by
> PostgreSQL*, including:
> 
>    - The *types of cryptographic mechanisms* involved (for example, TLS/SSL
>      for client-server communication, authentication mechanisms, password
>      hashing, replication security, encryption at rest where applicable)
>    - The *cryptographic algorithms and protocols* used
>    - The *source or storage location* of cryptographic material (for example,
>      configuration files, certificates, private keys, system catalogs, or
>      external key management systems)
>    - The *purpose* of each mechanism (for example, data-in-transit
>      encryption, authentication, access control, replication security)
> 
> Our goal is to accurately document PostgreSQL’s cryptographic controls
> for *compliance and audit purposes*. This request is for documentation
> clarity only and is *not related to vulnerability disclosure*.
> 
> Any clarification or references to official PostgreSQL documentation would
> be greatly appreciated.

Some links to get you going:

https://www.postgresql.org/docs/current/encryption-options.html
https://www.postgresql.org/docs/current/ssl-tcp.html
https://www.postgresql.org/docs/current/gssapi-enc.html
https://www.postgresql.org/docs/current/ssh-tunnels.html
https://www.postgresql.org/docs/current/client-authentication.html
https://www.postgresql.org/docs/current/libpq-ssl.html
https://www.postgresql.org/docs/current/sasl-authentication.html
https://www.postgresql.org/docs/current/pgcrypto.html

-- 
Erik Wienhold





