| From: | "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com> |
|---|---|
| To: | "sanjay sharma" <sanksh(at)hotmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres |
| Date: | 2008-03-30 23:10:48 |
| Message-ID: | 36e682920803301610p57ced46dhde6bd22546c6a023@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Mar 30, 2008 at 2:52 PM, sanjay sharma <sanksh(at)hotmail(dot)com> wrote:
> 1. Transparent Data Encryption: The column which needs to be stored in
> encrypted form can be specified through DDL.
Hey Sanjay. Based on your wording, you've probably used Oracle's TDE
and want to implement it in PG. Unfortunately, nine times out of ten,
cool Oracle features aren't seen as cool in this crowd. Looking at
your responses, there's an obvious misunderstanding in regard to
security (column-level access != encryption), and of performance
(encrypt the whole thing and pay a heavy price on *all* accesses
instead of only granular accesses to only the column(s) you're
encrypting).
Regardless, if you want to get a feature into PG, you need to first
come up with a good reason for it, get people behind the idea, and
then come up with a plan to implement it.
--
Jonah H. Harris, Sr. Software Architect | phone: 732.331.1324
EnterpriseDB Corporation | fax: 732.331.1301
499 Thornall Street, 2nd Floor | jonah(dot)harris(at)enterprisedb(dot)com
Edison, NJ 08837 | http://www.enterprisedb.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | sanjay sharma | 2008-03-31 02:58:43 | Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in P |
| Previous Message | Douglas McNaught | 2008-03-30 21:37:43 | Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres |