On Mon, 22 Jan 2024 at 11:47, Peter Smith wrote:
>
> 2024-01 Commitfest.
>
> Hi, This patch has a CF status of "Needs Review" [1], but it seems
> there were CFbot test failures last time it was run [2]. Please have a
> look and post an updated version if necessary.
The patch which you submitted h
2024-01 Commitfest.
Hi, This patch has a CF status of "Needs Review" [1], but it seems
there were CFbot test failures last time it was run [2]. Please have a
look and post an updated version if necessary.
==
[1] https://commitfest.postgresql.org/46/3985/
[2] https://cirrus-ci.com/task/5498215
On Tue, Nov 7, 2023 at 5:49 PM Andres Freund wrote:
> Hi,
>
> On 2023-11-06 09:56:37 -0500, Stephen Frost wrote:
> > * Andres Freund (and...@anarazel.de) wrote:
> > > I still am quite quite unconvinced that using the LSN as a nonce is a
> good
> > > design decision.
> >
> > This is a really impor
On Tue, Nov 7, 2023 at 6:47 PM Andres Freund wrote:
> Hi,
>
> On 2023-11-06 11:26:44 +0100, Matthias van de Meent wrote:
> > On Sat, 4 Nov 2023 at 03:38, Andres Freund wrote:
> > > On 2023-11-02 22:09:40 +0100, Matthias van de Meent wrote:
> > > > I'm quite surprised at the significant number of
Hi,
On 2023-11-06 11:26:44 +0100, Matthias van de Meent wrote:
> On Sat, 4 Nov 2023 at 03:38, Andres Freund wrote:
> > On 2023-11-02 22:09:40 +0100, Matthias van de Meent wrote:
> > > I'm quite surprised at the significant number of changes being made
> > > outside the core storage manager files.
Hi,
On 2023-11-06 09:56:37 -0500, Stephen Frost wrote:
> * Andres Freund (and...@anarazel.de) wrote:
> > I still am quite quite unconvinced that using the LSN as a nonce is a good
> > design decision.
>
> This is a really important part of the overall path to moving this
> forward, so I wanted to
Greetings,
* Bruce Momjian (br...@momjian.us) wrote:
> On Mon, Nov 6, 2023 at 09:56:37AM -0500, Stephen Frost wrote:
> > The gist is, without a suggestion of things to try, we're left
> > to our own devices to try and figure out things which might be
> > successful, only to have those turned down
On Fri, Nov 3, 2023 at 9:53 PM Andres Freund wrote:
> On 2023-11-02 19:32:28 -0700, Andres Freund wrote:
> > > From 327e86d52be1df8de9c3a324cb06b85ba5db9604 Mon Sep 17 00:00:00 2001
> > > From: David Christensen
> > > Date: Fri, 29 Sep 2023 15:16:00 -0400
> > > Subject: [PATCH v3 5/5] Add encryp
Hi, thanks for the detailed feedback here.
I do think it's worth addressing the question Stephen raised as far as what
we use for the IV[1]; whether LSN or something else entirely, and if so
what. The choice of LSN here is fairly fundamental to the existing
implementation, so if we decide to do s
On Mon, Nov 6, 2023 at 09:56:37AM -0500, Stephen Frost wrote:
> The gist is, without a suggestion of things to try, we're left
> to our own devices to try and figure out things which might be
> successful, only to have those turned down too when we come back with
> them, see [1] for what feels lik
On Thu, Nov 2, 2023 at 07:32:28PM -0700, Andres Freund wrote:
> On 2023-10-31 16:23:17 -0500, David Christensen wrote:
> > +Implementation
> > +--
> > +
> > +To enable cluster file encryption, the initdb option
> > +--cluster-key-command must be used, which specifies a command to
> > +
Greetings,
Thanks for your feedback on this.
* Andres Freund (and...@anarazel.de) wrote:
> I still am quite quite unconvinced that using the LSN as a nonce is a good
> design decision.
This is a really important part of the overall path to moving this
forward, so I wanted to jump to it and have
On Sat, 4 Nov 2023 at 03:38, Andres Freund wrote:
>
> Hi,
>
> On 2023-11-02 22:09:40 +0100, Matthias van de Meent wrote:
> > I'm quite surprised at the significant number of changes being made
> > outside the core storage manager files. I thought that changing out
> > mdsmgr with an encrypted smgr
On 2023-11-02 19:32:28 -0700, Andres Freund wrote:
> > From 327e86d52be1df8de9c3a324cb06b85ba5db9604 Mon Sep 17 00:00:00 2001
> > From: David Christensen
> > Date: Fri, 29 Sep 2023 15:16:00 -0400
> > Subject: [PATCH v3 5/5] Add encrypted/authenticated WAL
> >
> > When using an encrypted cluster, w
Hi,
On 2023-11-02 22:09:40 +0100, Matthias van de Meent wrote:
> I'm quite surprised at the significant number of changes being made
> outside the core storage manager files. I thought that changing out
> mdsmgr with an encrypted smgr (that could wrap mdsmgr if so desired)
> would be the most obvi
Hi,
On 2023-10-31 16:23:17 -0500, David Christensen wrote:
> The patches are as follows:
>
> 0001 - doc updates
> 0002 - Basic key management and cipher support
> 0003 - Backend-related changes to support heap encryption
> 0004 - modifications to bin tools and programs to manage key rotation and
>
On Tue, 31 Oct 2023 at 22:23, David Christensen
wrote:
>
> Greetings,
>
> I am including an updated version of this patch series; it has been rebased
> onto 6ec62b7799 and reworked somewhat.
>
> The patches are as follows:
>
> 0001 - doc updates
> 0002 - Basic key management and cipher support
>
On Tue, Oct 31, 2023 at 04:32:38PM -0500, David Christensen wrote:
> On Tue, Oct 31, 2023 at 4:30 PM Bruce Momjian wrote:
> Temporary /files/ are handled in a different patch set and are not included
> here (not sure of the status of integrating at this point). I believe that
> this patch should
On Tue, Oct 31, 2023 at 4:30 PM Bruce Momjian wrote:
> On Tue, Oct 31, 2023 at 04:23:17PM -0500, David Christensen wrote:
> > Greetings,
> >
> > I am including an updated version of this patch series; it has been
> rebased
> > onto 6ec62b7799 and reworked somewhat.
> >
> > The patches are as foll
On Tue, Oct 31, 2023 at 04:23:17PM -0500, David Christensen wrote:
> Greetings,
>
> I am including an updated version of this patch series; it has been rebased
> onto 6ec62b7799 and reworked somewhat.
>
> The patches are as follows:
>
> 0001 - doc updates
> 0002 - Basic key management and cipher
20 matches
Mail list logo
