Localhost vs. Unix Domain Sockets?

Hi. I'm working with a couple of machines that have Postgres/Apache on
Linux setups. Connections to Postgres are currntly TCP/IP to localhost.
(We're also using itk, so that the apache connections are per-user.) We
began looking into about encrypting these connections with SSL, but now I'm
thinking of using unix domain socket connections instead.

I see two possible benefits to this:

1) Maybe better performance or use of resources. I didn't find a lot of
info, although this post from Bruce Momjian indicates that is is the case:
http://momjian.us/main/blogs/pgblog/2012.html#June_6_2012.

2) Our webapp and users wouldn't need to be given a Postgres password at
all. Authenticating as their user would be sufficient.

So I've got two questions. One is whether there are any downsides to using
sockets, or any "gotchas" to be aware of. The second is whether there is
anything to do to increase the security of sockets? (e.g., analagous to
encrypting localhost conenctions with SSL?) From the little I saw, it
sounds like sockets are "just inherently secure," but wanted to confirm
that or get another opinion!

Thanks in advance,

Ken

--
AGENCY Software
A Free Software data system
By and for non-profits
*http://agency-software.org/ <http://agency-software.org/>*
*https://agency-software.org/demo/client
<https://agency-software.org/demo/client>*
ken(dot)tanzer(at)agency-software(dot)org
(253) 245-3801

Subscribe to the mailing list
<agency-general-request(at)lists(dot)sourceforge(dot)net?body=subscribe> to
learn more about AGENCY or
follow the discussion.