> On Oct 31, 2025, at 10:32, Clay Jackson (cjackson) <[email protected]> > wrote: > > Pardo me for jumping in here - but would filesystem level encryption possibly > meet your requirements? If we're talking about PCI DSS, the answer is: Yes, but. Filesystem-level encryption is acceptable IF the encryption keys (or other passwords used to unlock them) are separate from the user access controls to the host that has the encrypted volume attached. You have to go through a second step of decrypting the volume (or making it available for decrypted reads) separate from just mounting it.
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Kai Wagner
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Adrian Klaver
- Re: Enquiry about TDE with PgSQL Laurenz Albe
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Adrian Klaver
- Re: Enquiry about TDE with PgSQL Christophe Pettus
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- RE: Enquiry about TDE with PgSQL Clay Jackson (cjackson)
- Re: Enquiry about TDE with PgSQL Christophe Pettus
- Re: Enquiry about TDE with PgSQL Álvaro Herrera
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Kai Wagner
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Ron Johnson
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Greg Sabino Mullane
- Re: Enquiry about TDE with PgSQL Bruce Momjian
- Re: Enquiry about TDE with PgSQL Ron Johnson
- Re: Enquiry about TDE with PgSQL Adrian Klaver
