Re: sslmode patch

From: Jon Jensen <jon(at)endpoint(dot)com>
To: pgsql-patches(at)postgresql(dot)org
Subject: Re: sslmode patch
Date: 2003-07-01 20:03:23
Message-ID: Pine.LNX.4.50.0307011954010.1200-100000@louche.swelter.net
Lists: pgsql-hackers pgsql-patches

On Tue, 1 Jul 2003, Bruce Momjian wrote:

> > To sum up, there's a new client parameter "sslmode" and environment
> > variable "PGSSLMODE", with these options:
> >
> > sslmode description
> > ------- -----------
> > prevent Unencrypted non-SSL only
>
> I think the word 'never' would be more appropriate than 'prevent'.

That sounds fine to me, though it breaks with the pattern of all four
option words being verbs, allowing the user to think "I want to *** SSL
mode for this connect."

> > The only change to the server is a new pg_hba.conf line type,
> > "hostnossl", for specifying connections that are not allowed to use SSL
>
> Should this be 'hostneverssl'? Nossl implies to me that the host
> doesn't have SSL, which really isn't the issue.

Well, perhaps. But by that logic, "hostssl" would imply that the client
only will do SSL, which the server can't know. Since the server doesn't
know anything about the client ahead of time, I don't read anything into
it. I just think:

host = apply this line for any kind of connection,
hostssl = apply this line only to SSL connections, and
hostnossl = apply this line only to non-SSL connections.

It's unfortunate there's not a more distinctive name for a "regular" or
"plain" or "unencrypted" connection than "no SSL", but I don't think it's
too big of a deal.

> Are our defaults right, that we prefer SSL if client and server can do
> it? And now have hostnossl (or hostneverssl) to turn it off?

Yes, I think the defaults are good. Users who don't bother to read the
docs will end up with secured connections, which is good, and users
seeking to avoid the SSL overhead can then read the docs and learn how,
and consider how secure their network really is. :)

> I think we can get this into 7.4.

That would be great. It would be good to hear someone else's take on the
above, and also on the code itself, since I'm not a C expert. I was unable
to build docs from SGML yesterday on my machine, and now that I got it to
work, I find I made some markup errors which I've corrected and can
resubmit whenever you're ready.

Jon
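
An added illustration, not part of the message above or of the patch: a small Python model of the three pg_hba.conf line types as the message describes them, combined with pg_hba.conf's rule that the first applicable line decides the connection. The sample rules, addresses, the default database and user, and all helper names are constructed for this example.

```python
import ipaddress

# Constructed sample rules in pg_hba.conf layout: TYPE DATABASE USER ADDRESS METHOD
SAMPLE_HBA = """
# plain-text connections from the office network are refused outright
hostnossl all all 192.168.10.0/24 reject
# SSL connections from the same network authenticate with md5
hostssl   all all 192.168.10.0/24 md5
# loopback may connect either way
host      all all 127.0.0.1/32    md5
"""

def parse_hba(text):
    """Return (type, database, user, network, method) tuples, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        conn_type, database, user, address, method = line.split()
        rules.append((conn_type, database, user, ipaddress.ip_network(address), method))
    return rules

def type_applies(conn_type, uses_ssl):
    """host = any connection, hostssl = SSL only, hostnossl = non-SSL only."""
    if conn_type == "host":
        return True
    if conn_type == "hostssl":
        return uses_ssl
    if conn_type == "hostnossl":
        return not uses_ssl
    raise ValueError(f"unknown line type: {conn_type}")

def first_match(rules, client_ip, uses_ssl, database="app", user="alice"):
    """Return the method of the first applicable line, or None if no line applies."""
    addr = ipaddress.ip_address(client_ip)
    for conn_type, db, usr, network, method in rules:
        if (type_applies(conn_type, uses_ssl) and addr in network
                and db in ("all", database) and usr in ("all", user)):
            return method
    return None  # no applicable line: the connection is refused

RULES = parse_hba(SAMPLE_HBA)
```

With these rules a non-SSL client on 192.168.10.0/24 hits the `hostnossl ... reject` line, while the same client over SSL skips it and reaches the `hostssl` line.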
