Subject: Re: Enquiry about TDE with PgSQL
From: Laurenz Albe
To: Bruce Momjian
Cc: Kai Wagner, Chris Travers, Christophe Pettus, "Clay Jackson (cjackson)", pgsql-general, Ron Johnson
Date: Tue, 04 Nov 2025 06:40:26 +0100

On Mon, 2025-11-03 at 21:05 -0500, Bruce Momjian wrote:
> On Mon, Nov 3, 2025 at 07:42:06PM +0100, Laurenz Albe wrote:
>
> > Since you say that encrypting the temp files is the biggest hurdle for
> > community acceptance, what about a first version that does not encrypt
> > temp files? For one, that will be good for encrypted backups (which is
> > one of the good use cases for TDE), and then you could argue that temp
> > files are not data *at rest*, so data-at-rest-encryption does not apply
> > to them. Rome wasn't built in a day, and neither were parallel query
> > or declarative partitioning.
>
> Uh, people will say that if the solution is not 100% secure in its
> coverage, it is much less useful and therefore not worth it.

Some people will doubtless say that.
Others will consider the checkbox requirement satisfied and use it.
Yet others will consider a mislaid backup their biggest problem and will
consider TDE a technically useful solution.

9.6, which introduced parallel query, only supported it for sequential scans,
which was much less useful than what we have today.

I for one wouldn't consider an implementation of TDE with some features missing
"not worth it". If anything, I consider the marginal security improvement that
TDE as a whole provides not worth it. But I am sold on the claim that having
TDE would promote the adoption of PostgreSQL.

I am curious what others think.

Yours,
Laurenz Albe