Andrew Dunstan <[EMAIL PROTECTED]> writes:
> Maybe a better TODO would be to do this task in the way that has 
> previously been suggested:  
> I'm certainly not happy about any proposal to put a password/key in a 
> GUC var - that strikes me as a major footgun.

We didn't really have a better solution to the key management problem,
though, did we?  At least I don't see anything about it in that thread.

However, I definitely agree that a separate loadable PL is the way to go
for functionality of this sort.  There is no way that a dependency on
pgcrypto is going to be accepted into core, not even in the (ahem)
obfuscated way that it's presented here.

                        regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to