Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1vEtle-0036DK-F6 for pgsql-general@arkaria.postgresql.org; Fri, 31 Oct 2025 18:22:29 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1vEtlc-00HHkX-KS for pgsql-general@arkaria.postgresql.org; Fri, 31 Oct 2025 18:22:27 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1vEtlc-00HHkP-9v for pgsql-general@lists.postgresql.org; Fri, 31 Oct 2025 18:22:27 +0000 Received: from momjian.us ([72.94.173.45]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vEtlZ-005I4D-0E for pgsql-general@postgresql.org; Fri, 31 Oct 2025 18:22:26 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=momjian.us; s=2025010100; h=In-Reply-To:Content-Transfer-Encoding:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-ID:Content-Description; bh=OyTCiUuC++ZkeviK5Kuf7Af/iLtx1lTEWWP7gnDqqrQ=; b=bkaTZfkmsKR2orf4HtIbH3z+66 oJlbXoiN94YpAIzm1QDVJtQLNW3sgY5SWL1WGr/AS+YhwXz8zOyBpZFLagrFbGkhZdvfRpmrMo/PP 3NugpO9r9qWPY6xxIMKhs8gqszJAEYz7XbQzvggwgvdj4PIAKcbC/RCubuDylg2Oj/y5vA7FMgufJ gVBHMVD3SxUcXALFa7onaXY7FWBBTd8763cYn/GbcYbjq5OwqRO0s8g0tXKKEI8e+GVTD0A/6Jbz3 feT4kmLWlaRkTUS1mEnKdSSGL7s9vLdJKmsazsN5aX5j2n3dXBFl9MjQ6JmMOIM81MS+HW9aIduT8 PCYktDZQ==; Received: from bruce by momjian.us with local (Exim 4.98.2) (envelope-from ) id 1vEtlW-00000009Jcg-0ytM; Fri, 31 Oct 2025 14:22:22 -0400 Date: Fri, 31 Oct 2025 14:22:22 -0400 From: Bruce Momjian To: =?utf-8?Q?=C3=81lvaro?= Herrera Cc: Christophe Pettus , Adrian Klaver , Kai Wagner , Laurenz Albe , Ron Johnson , pgsql-general Subject: Re: Enquiry about TDE with PgSQL Message-ID: References: <202510311727.f5ifxfb6ufgd@alvherre.pgsql> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <202510311727.f5ifxfb6ufgd@alvherre.pgsql> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Fri, Oct 31, 2025 at 06:33:54PM +0100, Álvaro Herrera wrote: > On 2025-Oct-31, Bruce Momjian wrote: > > > Yes, we have been avoiding the masquerade for years. The question is > > can we continue. From the lack of discussion since April 1, 2025, it > > seems the answer is yes. > > Maybe, but I think the only reason for this is that some companies are > implementing it locally in their forks or whatever. I bet there are > many prospective customers that we (the open source Postgres project) > are not reaching because of lack of certifiability in this area. > > Can we continue to ignore it? My impression is that that strategy will > continue to work, perhaps indefinitely. Is it a good idea? Of that I > am not so sure. Agreed. Just to state the obvious, I have never heard of any Postgres support company discouraging the community from implementing TDE. In fact, I have heard them strongly encourage it. -- Bruce Momjian https://momjian.us EDB https://enterprisedb.com Do not let urgent matters crowd out time for investment in the future.