SSL support for ephemeral DH keys.
As the comment headers in be-secure.c discusses, EPH preserves
confidentiality even if the static private key (which is usually
kept unencrypted) is compromised.
Because of the value of this, common default values are hard-coded
to protect the confidentiality of the data even if an attacker
successfully deletes or modifies the external file.
pgsql-patches by date
|Next:||From: Bear Giles||Date: 2002-05-25 06:37:11|
|Subject: SSL (patch 7)|
|Previous:||From: Bear Giles||Date: 2002-05-25 04:30:13|
|Subject: SSL (patch 5)|