| From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
|---|---|
| To: | rainer(at)ultra-secure(dot)de, Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Ken Marshall <ktm(at)rice(dot)edu>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Enquiry about TDE with PgSQL |
| Date: | 2025-11-03 18:30:01 |
| Message-ID: | b6432dcad6b5f1d86a849e4adcd758157044abe3.camel@cybertec.at |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, 2025-11-03 at 16:39 +0100, rainer(at)ultra-secure(dot)de wrote:
> The HSM should be backed up, too. Which is only possible by connecting
> physically to it with a notebook and inserting an USB stick.
>
> Which begs the question: where do you source an USB stick with the same
> trust-level as the 20k-a-pop HSM?
I'd say that you don't need a very secure USB stick. You just put the
USB stick in a very secure safe that only two very trustworthy people
can open together.
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Laurenz Albe | 2025-11-03 18:42:06 | Re: Enquiry about TDE with PgSQL |
| Previous Message | Bruce Momjian | 2025-11-03 18:14:18 | Re: Enquiry about TDE with PgSQL |