From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
---|---|
To: | Magnus Hagander <magnus(at)hagander(dot)net> |
Cc: | Alex Hunsaker <badalex(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Abhijit Menon-Sen <ams(at)oryx(dot)com>, pgsql(at)mohawksoft(dot)com, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: SSL configure patch: review |
Date: | 2008-11-21 14:13:14 |
Message-ID: | 20081121141314.GB5210@alvh.no-ip.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Magnus Hagander escribió:
> Alex Hunsaker wrote:
> > On Fri, Aug 1, 2008 at 13:31, Alvaro Herrera <alvherre(at)commandprompt(dot)com> wrote:
> >> Something that's bothering me is that PGSSLKEY is inconsistent with the
> >> sslkey conninfo parameter. PGSSLKEY specifies an engine (basically a
> >> driver for specialized hardware AFAICT) from which the key is to be
> >> loaded, but sslkey is a simple filename. This means that there's no way
> >> to load a key from hardware if you want to specify it per connection.
> >> Not that I have any such hardware, but it looks bogus.
I think the above consideration needs some discussion too. Committing
it as-is doesn't seem OK because you can't change it later -- it's
user-visible.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2008-11-21 14:17:36 | Re: SSL configure patch: review |
Previous Message | Magnus Hagander | 2008-11-21 13:36:07 | Re: Autoconf, libpq and replacement function |