Skip site navigation (1) Skip section navigation (2)

Re: Draft of 8.4 beta announcement, please edit

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: pgsql-advocacy(at)postgresql(dot)org, Magnus Hagander <magnus(at)hagander(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>
Subject: Re: Draft of 8.4 beta announcement, please edit
Date: 2009-04-11 02:09:02
Message-ID: 200904110209.n3B292T11610@momjian.us (view raw or flat)
Thread:
Lists: pgsql-advocacy
Peter Eisentraut wrote:
> On Friday 10 April 2009 00:27:20 Magnus Hagander wrote:
> > Peter Eisentraut wrote:
> > > On Thursday 09 April 2009 02:14:44 Josh Berkus wrote:
> > >>      * Support SSL certs for authentication
> > >
> > > This is not really new, it's just easier/different/something to use.
> >
> > Using SSL certs for authentication is most definitely new in 8.4.
> 
> Client authentication is new.  Server authentication is not.

I think this is referring to the 8release note item:

        Add <literal>cert</> authentication method to allow user
        authentication via <acronym>SSL</> certificates (Magnus)

        Previously <acronym>SSL</> certificates could only verify that
        the client had access to a certificate, not authenticate a
        user.

The details are here:

	http://developer.postgresql.org/pgdocs/postgres/auth-methods.html#AUTH-CERT

In summary:

	The 'cn' attribute of the certificate will be compared to the
	login username, and if they match the login will be allowed.

I have updated the release notes bullet text and draft release
announcement wiki to be:

	      Support SSL certificates for user authentication

Note the addition of the word "user".

-- 
  Bruce Momjian  <bruce(at)momjian(dot)us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

In response to

pgsql-advocacy by date

Next:From: Peter EisentrautDate: 2009-04-12 08:55:00
Subject: Re: Draft of 8.4 beta announcement, please edit
Previous:From: Peter EisentrautDate: 2009-04-10 19:52:10
Subject: Re: Draft of 8.4 beta announcement, please edit

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group