MIME-Version: 1.0
References: <aQTsjVoYDWU2GaLJ@momjian.us> <202510311727.f5ifxfb6ufgd@alvherre.pgsql>
 <aQT-XvsFx9Et1tK4@momjian.us> <CAG0qCNjvO96nQm8fQtmgPiDc65YaOaWqoTs1oHUD3ra5nMxwFA@mail.gmail.com>
 <aQUh5RTP3AspSzl_@momjian.us>
In-Reply-To: <aQUh5RTP3AspSzl_@momjian.us>
From: Ron Johnson <ronljohnsonjr@gmail.com>
Date: Fri, 31 Oct 2025 17:19:57 -0400
Message-ID: <CANzqJaB_3088HucsY6Cfvq9b7-DBosf7dy_oAKkYTSHUVt+Buw@mail.gmail.com>
Subject: Re: Enquiry about TDE with PgSQL
To: pgsql-general <pgsql-general@postgresql.org>
Content-Type: multipart/alternative; boundary="0000000000001575d906427aeede"
Archived-At: <https://www.postgresql.org/message-id/CANzqJaB_3088HucsY6Cfvq9b7-DBosf7dy_oAKkYTSHUVt%2BBuw%40mail.gmail.com>
Precedence: bulk

--0000000000001575d906427aeede
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Fri, Oct 31, 2025 at 4:53=E2=80=AFPM Bruce Momjian <bruce@momjian.us> wr=
ote:

> On Fri, Oct 31, 2025 at 09:04:32PM +0100, Kai Wagner wrote:
> > On Fri, Oct 31, 2025 at 7:22=E2=80=AFPM Bruce Momjian <bruce@momjian.us=
> wrote:
> >
> >     On Fri, Oct 31, 2025 at 06:33:54PM +0100, =C3=81lvaro Herrera wrote=
:
> >     > On 2025-Oct-31, Bruce Momjian wrote:
> >     >
> >     > > Yes, we have been avoiding the masquerade for years.  The
> question is
> >     > > can we continue.  From the lack of discussion since April 1,
> 2025, it
> >     > > seems the answer is yes.
> >
> > I think this assumption can be considered a false positive. The main
> reason
> > this hasn't surfaced yet is that it first takes some time to adjust, an=
d
> more
> > importantly, there are the downstream forks with the necessary changes
> that are
> > already in use or continue to be sold. So why stop doing this?
>
> Keep in mind this is coming up seven months after the standard became
> effective, and it is being brought up by someone from Percona, and not
> from an end-user.  I would have thought we would have had more end users
> complaining.
>
> > I don't think, as stated initially, that we can continue to ignore this
> any
> > longer. As a project, we are losing out on a significant number of user=
s
> who
> > are willing to use fully open-source solutions, but are held back due t=
o
> this
> > requirement. We had numerous conversations over the last few years,
> exactly
> > about this fact, and people went with MySQL, Mongo, or others - not
> because of
> > "does this technically make sense to us as engineers, but because they
> couldn't
> > fulfill their internal requirements". As Laurenz already stated very
> well:
> > "rational arguments are missing the point".
> >
> > It's not news that we also tried a way of implementing it. What I would
> like to
> > achieve here is a group of interested people who can actually make a
> call on
> > how this is envisioned to work. Do we handle everything in core
> directly, or do
> > we make all necessary parts extensible? This approach may be more
> efficient in
>
> We created a group several years ago, got pretty far, but ended up
> stopping for reasons I stated in my blog.  I am not excited about doing
> this again unless there is a clear change of community opinion, which I
> have not seen.


We're not complaining because we need TDE sooner than later, and
PGDG's opinions on TDE are well known.

EDB and Percona are there to take our money...

--=20
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!

--0000000000001575d906427aeede
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr">On Fri, Oct 31, 2025 at 4:53=E2=80=AFPM B=
ruce Momjian &lt;<a href=3D"mailto:bruce@momjian.us">bruce@momjian.us</a>&g=
t; wrote:</div><div class=3D"gmail_quote gmail_quote_container"><blockquote=
 class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px so=
lid rgb(204,204,204);padding-left:1ex">On Fri, Oct 31, 2025 at 09:04:32PM +=
0100, Kai Wagner wrote:<br>
&gt; On Fri, Oct 31, 2025 at 7:22=E2=80=AFPM Bruce Momjian &lt;<a href=3D"m=
ailto:bruce@momjian.us" target=3D"_blank">bruce@momjian.us</a>&gt; wrote:<b=
r>
&gt; <br>
&gt;=C2=A0 =C2=A0 =C2=A0On Fri, Oct 31, 2025 at 06:33:54PM +0100, =C3=81lva=
ro Herrera wrote:<br>
&gt;=C2=A0 =C2=A0 =C2=A0&gt; On 2025-Oct-31, Bruce Momjian wrote:<br>
&gt;=C2=A0 =C2=A0 =C2=A0&gt;<br>
&gt;=C2=A0 =C2=A0 =C2=A0&gt; &gt; Yes, we have been avoiding the masquerade=
 for years.=C2=A0 The question is<br>
&gt;=C2=A0 =C2=A0 =C2=A0&gt; &gt; can we continue.=C2=A0 From the lack of d=
iscussion since April 1, 2025, it<br>
&gt;=C2=A0 =C2=A0 =C2=A0&gt; &gt; seems the answer is yes.<br>
&gt; <br>
&gt; I think this assumption can be considered a false positive. The main r=
eason<br>
&gt; this hasn&#39;t surfaced yet is that it first takes some time to adjus=
t, and more<br>
&gt; importantly, there are the downstream forks with the necessary changes=
 that are<br>
&gt; already in use or continue to be sold. So why stop doing this?<br>
<br>
Keep in mind this is coming up seven months after the standard became<br>
effective, and it is being brought up by someone from Percona, and not<br>
from an end-user.=C2=A0 I would have thought we would have had more end use=
rs<br>
complaining.<br>
<br>
&gt; I don&#39;t think, as stated initially, that we can continue to ignore=
 this any<br>
&gt; longer. As a project, we are losing out on a significant number of use=
rs who<br>
&gt; are willing to use fully open-source solutions, but are held back due =
to this<br>
&gt; requirement. We had numerous conversations over the last few years, ex=
actly<br>
&gt; about this fact, and people went with MySQL, Mongo, or others - not be=
cause of<br>
&gt; &quot;does this technically make sense to us as engineers, but because=
 they couldn&#39;t<br>
&gt; fulfill their internal requirements&quot;. As Laurenz already stated v=
ery well:<br>
&gt; &quot;rational arguments are missing the point&quot;.<br>
&gt; <br>
&gt; It&#39;s not news that we also tried a way of implementing it. What I =
would like to<br>
&gt; achieve here is a group of interested people who can actually make a c=
all on<br>
&gt; how this is envisioned to work.=C2=A0Do we handle everything in core d=
irectly, or do<br>
&gt; we make all necessary parts extensible? This approach may be more effi=
cient in<br>
<br>
We created a group several years ago, got pretty far, but ended up<br>
stopping for reasons I stated in my blog.=C2=A0 I am not excited about doin=
g<br>
this again unless there is a clear change of community opinion, which I<br>
have not seen.</blockquote></div><div><br></div><div>We&#39;re not complain=
ing because we need TDE sooner than later, and PGDG&#39;s=C2=A0opinions on =
TDE are well known.</div><div><br></div><div>EDB and Percona are there to t=
ake our money...</div><div><br></div><span class=3D"gmail_signature_prefix"=
>-- </span><br><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr">=
Death to &lt;Redacted&gt;, and butter sauce.<div>Don&#39;t boil me, I&#39;m=
 still alive.<br><div><div>&lt;Redacted&gt; lobster!</div></div></div></div=
></div></div>

--0000000000001575d906427aeede--