Hi Hackers, I read many mail discussions in supporting data at rest encryption support in PostgreSQL.
I checked the discussions around full instance encryption or tablespace or table level encryption. In my observation, all the proposals are trying to modify the core code to support encryption. I am thinking of an approach of providing tablespace level encryption support including WAL using an extension instead of changing the core code by adding hooks in xlogwrite and xlogread flows, reorderbuffer flows and also by adding smgr plugin routines to support encryption and decryption of other pages. Definitely this approach does't work for full instance encryption. Any opinions/comments/problems in evaluating the encryption with an extesnion approach? Regards, Haribabu Kommi Fujitsu Australia
