Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt

Bruce Momjian wrote:
> Magnus Hagander wrote:
>> On 14 apr 2009, at 04.33, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
>>
>>> Magnus Hagander wrote:
>>>>> I would actually call the two parameters 'verify-cert' and 'verify-
>>>>> cn',
>>>>> and document that they also have "require" behavior. Obviously you
>>>>> can't verify certificates unless you require SSL.
>>>> I would prefer having "verify", "verify-no-cn" and "no-verify" or
>>>> something like that. Making it the "default choice" to have
>>>> verification
>>>> enabled, and very clear that you're turning something off if you're
>>>> not.
>>>> And then just map require to verify. Or they could be "require-no-cn"
>>>> and "require-no-cert" perhaps?
>>>>
>>>> ("default choice" only for those using ssl of course - we'd still
>>>> have
>>>> "disable" as the default *value* of the parameter)
>>> I think the "no" options are odd because they have _negative_
>>> designations.
>> That's the intention. When you're turning off something, I think it
>> makes sense to use "no"....
>
> But that doesn't scale: sslmode currently has four options, soon
> perhaps to be six. The idea is that the items should be of increasing
> security, and adding "no" in the middle doesn't allow that to be clear.

Here's a patch for this. Obviously, a lot needs to be done about the
docs here, I'm working on that.

I went with the names "require", "verify-ca" and "verify-full".

Patch also changes the default from "prefer" to "disable", per discussion.

Comments?

//Magnus