On 06/13/2017 10:20 AM, Stephen Frost wrote:
> * Joe Conway (m...@joeconway.com) wrote:
>> Except shell escaping issues, etc, etc
>
> That's not an issue- we're talking about reading the stdout of some
> other process, there's no shell escaping that has to be done there.

It could be an issue depending on how the user stores their master key.

> I disagree that proper key management is "simple". If we really get to
> a point where we think we have a simple answer to it then perhaps that
> can be implemented in addition to the encryption piece in the same
> release cycle- but they certainly don't need to be in the same patch,
> nor do we need to make good key management a requirement for adding
> encryption support.

I never said key management was simple. Indeed it is the most complex and hazardous part of all this as you said earlier. What is simple is implementing a master key encrypting actual keys scheme. Keeping the user's master key management out of this design is unchanged by what I proposed, and what I proposed is a superior yet simple method. Yes, it can be done separately but what is the point? We should at least discuss it as part of the design.

> No, but it seriously changes the level of complexity. I feel like we're
> trying to go from zero to light speed here because there's an idea that
> it's "simple" to add X, Y or Z additional requirement beyond the basic
> feature, but we don't have anything yet.

I think that is hyperbole. It does not significantly add to the complexity of what is being discussed.

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development