Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pG1eI-0003rb-Rg for pgsql-hackers@arkaria.postgresql.org; Thu, 12 Jan 2023 17:45:58 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1pG1eH-000293-Fh for pgsql-hackers@arkaria.postgresql.org; Thu, 12 Jan 2023 17:45:57 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pG1eH-00028o-6g for pgsql-hackers@lists.postgresql.org; Thu, 12 Jan 2023 17:45:57 +0000 Received: from out1-smtp.messagingengine.com ([66.111.4.25]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pG1eE-0006qe-M8 for pgsql-hackers@postgresql.org; Thu, 12 Jan 2023 17:45:56 +0000 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id B6A525C00D6; Thu, 12 Jan 2023 12:45:53 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Thu, 12 Jan 2023 12:45:53 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:reply-to:sender :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1673545553; x=1673631953; bh=5 Hjhn0O3GKQcu9utFw7qxHSQLXAakL+uAGp0d3irFjA=; b=AjnruvCDnXGmkr51F MfuqQCH42FrFQc683JS805Gtr8LAmBbTIB/eYW674MvjqmhphXAA34atN7uW/SGC b4i4IbZppj+fr3wcuSvEi4VzZ8ZWJMIFq596bOS5yf6A4ID0c7qLzXwsYo2kS7u2 u5iB23L9q214mVgj/JZakeOAiZ1wavMznMJgnj/yoRfNv45bOb23xi8P+F+wewez WebayChpseO2ftM+3Z/sDfa2MD3hkm6avM4TcGi2WQ8eUpy3sX4DCMxb4Y2arerX zsSmxgdLyFMQBtsonmAq6mu5lyEXilRSNdeF5wQUNXnwNWkDkMrq6G4BIrdodyGx +Uqow== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrleeigddutdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkgggtugfgjgesthekredttddtjeenucfhrhhomheptehlvhgr rhhoucfjvghrrhgvrhgruceorghlvhhhvghrrhgvsegrlhhvhhdrnhhoqdhiphdrohhrgh eqnecuggftrfgrthhtvghrnhepvdektdffudfftdffffehfffhjeejhffgieeuueekjeek fffgudffhfduffffueevnecuffhomhgrihhnpegvnhhtvghrphhrihhsvggusgdrtghomh enucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrlhhv hhgvrhhrvgesrghlvhhhrdhnohdqihhprdhorhhg X-ME-Proxy: Feedback-ID: ia2694551:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 12 Jan 2023 12:45:53 -0500 (EST) Received: by perhan.alvh.no-ip.org (Postfix, from userid 1000) id 366F81D; Thu, 12 Jan 2023 18:41:57 +0100 (CET) Date: Thu, 12 Jan 2023 18:41:57 +0100 From: Alvaro Herrera To: Peter Eisentraut Cc: pgsql-hackers Subject: Re: What object types should be in schemas? Message-ID: <20230112174157.bxlfvg3hriwv5ur2@alvherre.pgsql> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <422c5d78-839f-8232-cd16-a887979ef901@enterprisedb.com> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 2023-Jan-11, Peter Eisentraut wrote: > How does one decide whether something should be in a schema or not? The > current state feels intuitively correct, but I can't determine any firm way > to decide. > > Over in the column encryption thread, the patch proposes to add various key > types as new object types. For simplicity, I just stuck them directly under > database, but I don't know whether that is correct. I think one important criterion to think about is how does encryption work when you have per-customer (or per-whatever) schemas. Is the concept of a column encryption [objtype] a thing that you would like to set up per customer? In that case, you will probably want that object to live in that customer's schema. Otherwise, you'll force the DBA to come up with a naming scheme that includes the customer name in the column encryption object. -- Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/ "En las profundidades de nuestro inconsciente hay una obsesiva necesidad de un universo lógico y coherente. Pero el universo real se halla siempre un paso más allá de la lógica" (Irulan)