2025-10-08 –, Belvedere II/ Community, Contribution & the Future
Databases are by nature IO heavy, and in the upcoming version of Postgres we continue to push the IO envelope with the introduction of asynchronous IO infrastructure. As datasets grow, the need for pushing even larger amounts of data across the wire will increase, and with it the performance overhead paid when using TLS connections. In this talk we'll go through how Postgres is using OpenSSL, what sort of bottlenecks we run into, and what our ultimate OpenSSL changelog wishlist would be.
And while at it, can we have a pony too?
The PostgreSQL project has been supporting OpenSSL for secure connections for a very long time, and using TLS is recommended for virtually all installations. The size of the active datasets that installations use is however growing all the time, and with it our need to push even more data across the wire at high speed. With the introduction of asynchronous IO in Postgres 18 we are seeing even more bottlenecks as the data goes to the network.
This talk will feature insights from an implementer, and it's users. The Postgres project has a long history and large install base on both SaaS and on-premise type installations, and workloads ranging from small OLTP to petabyte scale data warehouses. In this talk we'll describe not only how we use OpenSSL, but more importantly how we would like to use OpenSSL to maximize performance.
Now, as a popular open source project we know all about feature requests and wishlists. We don't expect this to turn into PR's, but we hope it will plant a seed with the OpenSSL developers on how it can support lower latencies in database use. We have travelled with OpenSSL for a long time, and we would like journey even more successful.
Daniel Gustafsson is a long time Postgres hacker, major contributor and committer on the project. Having been around the project for over a decade he has taken part of most aspects of the project, writing code and docs, organizing conferences and occasionally speaking at them, partaking in governance efforts etc. He currently works for Microsoft doing Postgres hacking, and was previously employed by VMware and Pivotal where he worked on Greenplum, a data warehouse based on Postgres.
When not working on Postgres he is a curl/libcurl contributor, committer and security team member.