Bruce Momjian <bruce@momjian.us> wrote:
> I have seen no one present a clear description of how anything beyond
> all-cluster encryption would work or be secure. Wishing that were not
> the case doesn't change things.
Since this email thread has grown a lot and is difficult to follow, it might
help if we summarized various approaches on the wiki, with their pros and
cons, and included some links to the corresponding emails in the
archive. There might be people who would like think about the problems but
don't have time to read the whole thread. Overview of the pending problems of
particular approaches might be useful for newcomers, but also for people who
followed only part of the discussion. I mean an overview of the storage
problems; the key management seems to be less controversial.
If you think it makes sense, I can spend some time next week on the
research. However I'd need at least an outline of the approaches proposed
because I also missed some parts of the thread.
--
Antonin Houska
Web: https://www.cybertec-postgresql.com