On Mon, 2025-11-03 at 21:05 -0500, Bruce Momjian wrote:
> On Mon, Nov 3, 2025 at 07:42:06PM +0100, Laurenz Albe wrote:
>
> > Since you say that encrypting the temp files is the biggest hurdle for
> > community acceptance, what about a first version that does not encrypt
> > temp files? For one, that will be good for encrypted backups (which is
> > one of the good use cases for TDE), and then you could argue that temp
> > files are not data *at rest*, so data-at-rest-encryption does not apply
> > to them. Rome wasn't built in a day, and neither were parallel query
> > or declarative partitioning.
>
> Uh, people will say that if the solution is not 100% secure in its
> coverage, it is much less useful and therefore not worth it.
Some people will doubtless say that. Others will consider the checkbox
requirement satisfied and use it. Yet others will consider a mislaid
backup their biggest problem and will consider TDE a technically useful
solution.
9.6, which introduced parallel query, only supported it for sequential
scans, which was much less useful than what we have today. I for one
wouldn't consider an implementation of TDE with some features missing
"not worth it". If anything, I consider the marginal security improvement
that TDE as a whole provides not worth it. But I am sold on the claim
that having TDE would promote the adoption of PostgreSQL.
I am curious what others think.
Yours,
Laurenz Albe
