> Dimitry Sibiryakov wrote:
> >...
> >
> > External plugin is required for encryption and key is provided

within

> > DPB.
>
> Which is not secure.

While I agree, I wonder if we step back for a moment if the external
plugin still has some merits.

If we redefined the problem from securing individual databases to
securing all databases installed on a server.

Instead of the plug-in getting/expecting the key within DPB, what if the
plug-in got the key from the server's certificate store?


In this way, the key would be privately stored (not publically
available).


Sean