Skip site navigation (1) Skip section navigation (2)

Re: Spoofing as the postmaster

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Andrew Sullivan <ajs(at)crankycanuck(dot)ca>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Spoofing as the postmaster
Date: 2007-12-29 03:10:18
Message-ID: 27698.1198897818@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Agreed.  Requiring client root certificate checking is heavy-handed.

There seems to be some confusion here.  I didn't think anyone was
proposing that we force every installation to require client root
certificate checking.  What was under discussion (I thought) was
providing the ability for a DBA to *choose* to require it.

> Of course I am not sure anyone knows how to get that information from
> SSL.

Yeah, if OpenSSL doesn't support testing for this then the discussion
is moot...

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2007-12-29 03:23:18
Subject: Re: Spoofing as the postmaster
Previous:From: Bruce MomjianDate: 2007-12-29 02:35:45
Subject: Re: Spoofing as the postmaster

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group