On Tue, 31 Oct 2023 at 22:23, David Christensen <david.christen...@crunchydata.com> wrote: > > Greetings, > > I am including an updated version of this patch series; it has been rebased > onto 6ec62b7799 and reworked somewhat. > > The patches are as follows: > > 0001 - doc updates > 0002 - Basic key management and cipher support > 0003 - Backend-related changes to support heap encryption
I'm quite surprised at the significant number of changes being made outside the core storage manager files. I thought that changing out mdsmgr with an encrypted smgr (that could wrap mdsmgr if so desired) would be the most obvious change to implement cluster-wide encryption with the least code touched, as relations don't need to know whether the files they're writing are encrypted, right? Is there a reason to not implement this at the smgr level that I overlooked in the documentation of these patches? Kind regards, Matthias van de Meent Neon (https://neon.tech)
