Hi, On 2020-02-07 11:18:29 +0900, Masahiko Sawada wrote: > Another idea we discussed is to internally integrate pgcrypto with the > key management system.
Perhaps this has already been discussed (I only briefly looked): I'd strongly advise against having any new infrastrure depend on pgcrypto. Its code quality imo is well below our standards and contains serious red flags like very outdated copies of cryptography algorithm implementations. I think we should consider deprecating and removing it, not expanding its use. It certainly shouldn't be involved in any potential disk encryption system at a later stage. Greetings, Andres Freund
