On Mon, Oct 24, 2022 at 9:29 AM David Christensen <david.christen...@crunchydata.com> wrote: > I would love to open a discussion about how to move forward and get > some of these features built out. The historical threads here are > quite long and complicated; is there a "current state" other than the > wiki that reflects the general thinking on this feature? Any major > developments in direction that would not be reflected in the code from > May 2021?
I don't think the patchset here has incorporated the results of the discussion [1] that happened at the end of 2021. For example, it looks like AES-CTR is still in use for the pages, which I thought was already determined to be insufficient. The following next steps were proposed in that thread: > 1. modify temporary file I/O to use a more centralized API > 2. modify the existing cluster file encryption patch to use XTS with a > IV that uses more than the LSN > 3. add XTS regression test code like CTR > 4. create WAL encryption code using CTR Does this patchset need review before those steps are taken (or was there additional conversation/work that I missed)? Thanks, --Jacob [1] https://www.postgresql.org/message-id/flat/20211013222648.GA373%40momjian.us