> On Nov 15, 2022, at 1:08 PM, Jacob Champion <jchamp...@timescale.com> wrote: > > On Mon, Oct 24, 2022 at 9:29 AM David Christensen > <david.christen...@crunchydata.com> wrote: >> I would love to open a discussion about how to move forward and get >> some of these features built out. The historical threads here are >> quite long and complicated; is there a "current state" other than the >> wiki that reflects the general thinking on this feature? Any major >> developments in direction that would not be reflected in the code from >> May 2021? > > I don't think the patchset here has incorporated the results of the > discussion [1] that happened at the end of 2021. For example, it looks > like AES-CTR is still in use for the pages, which I thought was > already determined to be insufficient.
Good to know about the next steps, thanks. > The following next steps were proposed in that thread: > >> 1. modify temporary file I/O to use a more centralized API >> 2. modify the existing cluster file encryption patch to use XTS with a >> IV that uses more than the LSN >> 3. add XTS regression test code like CTR >> 4. create WAL encryption code using CTR > > Does this patchset need review before those steps are taken (or was > there additional conversation/work that I missed)? This was just a refresh of the old patches on the wiki to work as written on HEAD. If there are known TODOs here this then that work is still needing to be done. I was going to take 2) and Stephen was going to work on 3); I am not sure about the other two but will review the thread you pointed to. Thanks for pointing that out. David