|Subject||Re: Does the database 'need' encryption?|
> Same seems to be the case with PostgreSQL:you forgot pgcrypto
and I like their warning :
F.25.6.3. Security limitations
All pgcrypto functions run inside the database server. That means that all the data and passwords move between pgcrypto and client applications in clear text. Thus you must:
Connect locally or use SSL connections.
Trust both system and database administrator.
If you cannot, then better do crypto inside client application.