From: "Clay Jackson (cjackson)"
To: Bruce Momjian, Laurenz Albe
CC: Kai Wagner, Chris Travers, Christophe Pettus, pgsql-general, Ron Johnson
Subject: RE: Enquiry about TDE with PgSQL
Date: Tue, 4 Nov 2025 15:15:31 +0000

Again, speaking for myself only and not officially for Quest.

"Uh, people will say that if the solution is not 100% secure in its coverage, it is much less useful and therefore not worth it."

I would assert that NO system is "100% secure" given enough money and resources. I think the more important point of this discussion is how users of PostgreSQL can "check the box" for compliance with whatever security and encryption "standards" are "required" in their environment, and/or mitigate the risks of not being "compliant".

Clay Jackson

-----Original Message-----
From: Bruce Momjian
Sent: Monday, November 3, 2025 6:06 PM
To: Laurenz Albe
Cc: Kai Wagner; Chris Travers; Christophe Pettus; Clay Jackson (cjackson); pgsql-general; Ron Johnson
Subject: Re: Enquiry about TDE with PgSQL

On Mon, Nov 3, 2025 at 07:42:06PM +0100, Laurenz Albe wrote:
> On Mon, 2025-11-03 at 11:56 -0500, Bruce Momjian wrote:
> > The problem with the Percona extension is it seems like it was
> > developed mostly/all by Percona employees, meaning development was
> > driven/steered by Percona, and there was insufficient feedback from
> > the community for it to be polished enough to be a general community solution.
>
> Reading a Percona blog, it looks like you need a modified server to
> get to encrypt WAL, and they probably have no support for encrypting
> temporary files. So I'd say that TDE can probably not be a pure extension.
> Perhaps somebody from Percona can confirm.

Yes, the server has to be modified because the hooks they need don't exist in the community source code. They also have encryption control on the table level, which I frankly think will never work long-term because the storage API doesn't have enough table-level detail, so I think they are considering tablespace-level or cluster-level encryption.

> But I don't think it's a shortage of implementations for TDE that is
> the problem.
>
> Since you say that encrypting the temp files is the biggest hurdle for
> community acceptance, what about a first version that does not encrypt
> temp files? For one, that will be good for encrypted backups (which
> is one of the good use cases for TDE), and then you could argue that
> temp files are not data *at rest*, so data-at-rest-encryption does not
> apply to them. Rome wasn't built in a day, and neither were parallel
> query or declarative partitioning.

Uh, people will say that if the solution is not 100% secure in its coverage, it is much less useful and therefore not worth it.

--
  Bruce Momjian  https://momjian.us/
  EDB  https://enterprisedb.com/

  Do not let urgent matters crowd out time for investment in the future.