Re: Enquiry about TDE with PgSQL
| From | Laurenz Albe |
|---|---|
| Subject | Re: Enquiry about TDE with PgSQL |
| Date | |
| Msg-id | b5efc1949fdba81576bcf53e3b44e626a2c582de.camel@cybertec.at |
| In reply to | Re: Enquiry about TDE with PgSQL (Bruce Momjian <bruce@momjian.us>) |
| Replies | Re: Enquiry about TDE with PgSQL |
| List | pgsql-general |

On Mon, 2025-11-03 at 21:05 -0500, Bruce Momjian wrote:
> On Mon, Nov 3, 2025 at 07:42:06PM +0100, Laurenz Albe wrote:
> >
> > Since you say that encrypting the temp files is the biggest hurdle for
> > community acceptance, what about a first version that does not encrypt
> > temp files? For one, that will be good for encrypted backups (which is
> > one of the good use cases for TDE), and then you could argue that temp
> > files are not data *at rest*, so data-at-rest-encryption does not apply
> > to them. Rome wasn't built in a day, and neither were parallel query
> > or declarative partitioning.
>
> Uh, people will say that if the solution is not 100% secure in its
> coverage, it is much less useful and therefore not worth it.

Some people will doubtless say that. Others will consider the checkbox requirement satisfied and use it. Yet others will consider a mislaid backup their biggest problem and will consider TDE a technically useful solution.

9.6, which introduced parallel query, only supported it for sequential scans, which was much less useful than what we have today.

I for one wouldn't consider an implementation of TDE with some features missing "not worth it". If anything, I consider the marginal security improvement that TDE as a whole provides not worth it. But I am sold on the claim that having TDE would promote the adoption of PostgreSQL.

I am curious what others think.

Yours,
Laurenz Albe