| From: | Florian Weimer <fw(at)deneb(dot)enyo(dot)de> |
|---|---|
| To: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
| Cc: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Martijn van Oosterhout" <kleptog(at)svana(dot)org>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Upcoming re-releases |
| Date: | 2006-02-11 17:52:04 |
| Message-ID: | 87ek29941n.fsf@mid.deneb.enyo.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Magnus Hagander:
> But no, it wouldn't be bad if there was a way to specify exactly which
> cert is used. Or at least validate the common name of it agains the
> hostname of the server.
SSH-like "leap of faith" authentication would be even better. Store
the certificate on the first connection (together with the domain
name), and refuse subsequent connections if the certificate changes.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2006-02-11 18:10:23 | Re: Analyze and vacuum, they are sort of mandatory.... |
| Previous Message | Bruce Momjian | 2006-02-11 17:46:43 | Re: Scrollable cursors and Sort performance |