Re: SSL (patch 6)

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Bear Giles <bgiles(at)coyotesong(dot)com>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: SSL (patch 6)
Date: 2002-06-11 22:32:19
Message-ID: 200206112232.g5BMWJ824149@candle.pha.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches


Your patch has been added to the PostgreSQL unapplied patches list at:

http://candle.pha.pa.us/cgi-bin/pgpatches

I will try to apply it within the next 48 hours.

---------------------------------------------------------------------------

Bear Giles wrote:
> SSL support for ephemeral DH keys.
>
> As the comment headers in be-secure.c discusses, EPH preserves
> confidentiality even if the static private key (which is usually
> kept unencrypted) is compromised.
>
> Because of the value of this, common default values are hard-coded
> to protect the confidentiality of the data even if an attacker
> successfully deletes or modifies the external file.
>
> Bear

Content-Description: /tmp/patch6

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026

In response to

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2002-06-11 22:32:59 Re: SSL (patch 7)
Previous Message Bruce Momjian 2002-06-11 22:32:15 Re: SSL (patch 5)