> For better or worse, different threat models mean that it’s not strictly > better to do FDE and some use cases definitely want this at the db layer > instead of file system.
Do you mind elaborating which threat models? The only one I can think of is users can log onto the database machine and have read access to the cassandra data directory but not read access to wherever the keys are? -Joey --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cassandra.apache.org For additional commands, e-mail: dev-h...@cassandra.apache.org