Re: [HACKERS] WIP: Data at rest encryption
| От | Stephen Frost |
|---|---|
| Тема | Re: [HACKERS] WIP: Data at rest encryption |
| Дата | |
| Msg-id | 20170613221333.GU3151@tamriel.snowman.net обсуждение |
| Ответ на | Re: [HACKERS] WIP: Data at rest encryption (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>) |
| Список | pgsql-hackers |
Peter, * Peter Eisentraut (peter.eisentraut@2ndquadrant.com) wrote: > On 6/13/17 15:20, Stephen Frost wrote: > > And then you would need openssl on the other system to decrypt it. > > Or make the USB file system encrypted as well? If you're in that kind > of environment, that would surely be feasible, if not required. Right, but requiring file system encryption to work on a USB stick across different types of systems strikes me as actually a higher bar than requiring openssl to exist on both the source and destination sides. Naturally, if the environment you're in has already solved that problem across the enterprise then it's a good approach, although you might want to use a different encryption key, perhaps, though hopefully that's something you'd be able to do pretty easily too. Thanks! Stephen
В списке pgsql-hackers по дате отправления: