Skip site navigation (1) Skip section navigation (2)

Re: 2nd revision of SSL patches

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Bear Giles <bgiles(at)coyotesong(dot)com>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: 2nd revision of SSL patches
Date: 2002-05-22 00:25:50
Message-ID: Pine.LNX.4.44.0205211415270.1230-100000@localhost.localdomain (view raw or flat)
Thread:
Lists: pgsql-patches
Bear Giles writes:

>  *) certs are fully validated - valid root certs must be available.
>     This is a hassle, but it means that you *can* trust the identity
>     of the server.

I'm confused.  We currently don't have SSL-based authentication, so why do
we have certificates at all?

>  *) the client library can handle hardcoded root certificates, to
>     avoid the need to copy these files.

Hardcoding is evil.

>  *) host name of server cert must resolve to IP address, or be a
>     recognized alias.  This is more liberal than the previous
>     iteration.

Which is the standard/recommended practice?

>  *) the number of bytes transferred is tracked, and the session
>     key is periodically renegotiated.

Define "periodically".

>  *) basic cert generation scripts (mkcert.sh, pgkeygen.sh).  The
>     configuration files have reasonable defaults for each type
>     of use.

Again, what are these certificate management tools for if we don't have
any need for certificates?

About the code:

* no // comments

* no fprintf(stderr, ...) in library functions

* read_SSL/write_SSL -- If you think these functions are misnamed, rename
  them.

* Isn't there an automated way to generated error message from error codes
  in OpenSSL?

-- 
Peter Eisentraut   peter_e(at)gmx(dot)net


In response to

Responses

pgsql-patches by date

Next:From: Neil ConwayDate: 2002-05-22 18:28:49
Subject: Re: libpq++ fixes
Previous:From: Bear GilesDate: 2002-05-21 07:36:09
Subject: 2nd revision of SSL patches

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group