From: Greg Sabino Mullane
Date: Fri, 31 Oct 2025 11:25:04 -0400
Subject: Re: Enquiry about TDE with PgSQL
To: Bruce Momjian
Cc: Kai Wagner, Laurenz Albe, Ron Johnson, pgsql-general
List: pgsql-general@lists.postgresql.org
On Fri, Oct 31, 2025 at 10:54 AM Bruce Momjian <bruce@momjian.us> wrote:

> Disk-level and partition-level encryption typically encrypts
> the entire disk or partition using the same key, with all data
> automatically decrypted when the system runs or when an authorized
> --> user requests it. For this reason, disk-level encryption is not
> --> appropriate to protect stored PAN on computers, laptops, servers,
> storage arrays, or any other system that provides transparent
> decryption upon user authentication.

Hmm, I read this a few times but still not sure what the technical objection is. Yes, the entire disk is encrypted with the same key, but why is that insufficient to protect things? Anyone care to guess what they are thinking here?

> The biggest possible downside of this standoff is that enterprises that
> need to meet PCI compliance specifications are forced to use specialized
> versions of Postgres or Postgres extensions that support TDE.

Not always a downside for the companies selling those specialized versions though.

Cheers,
Greg

--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support