In our ongoing efforts to delete unowned experimental features (previously documented here: foundationdb/design/feature-status.md at main · apple/foundationdb · GitHub ), the next on the list is encryption at rest.
Before we proceed with deleting this, we’d like to ensure nobody is using FDB encryption at rest in production. We don’t think it’s ever been communicated as production ready, but we want to double check. If anyone is using this in a serious way, we’d like to hear from you for purposes of taking over ownership of the functionality.
By the way, without getting into a detailed debate about the pros/cons of having this capability in the database, I’d just note that there are many places end to end where encryption can be done:
- On the client/device side
- On the server side, above the database
- In the database itself
- On the server side, in the storage below the database
Apple has long used a combination of 1, 2, and/or 4 to secure user data and we don’t particularly feel that it’s essential to have the database perform encryption for us.