From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org, "Victor B(dot) Wagner" <vitus(at)cryptocom(dot)ru> |
Subject: | Re: [PATCHES] Backend SSL configuration enhancement |
Date: | 2006-08-30 22:09:56 |
Message-ID: | 200608310009.57481.peter_e@gmx.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Victor B. Wagner wrote:
> First one is useful if for some reason some ciphers supported by
> OpenSSL is not permitted to use in the particular network, or if
> there is need to use ciphersuites which are not included into default
> ciphersuite list, now compiled into PostgreSQL.
Do you have specific examples where that might be the case?
> Second one can be used for taking cryptography load from server into
> special hardware chip, which can be useful for loaded servers.
> Also, upcoming OpenSSL 0.9.9 allows to add entirely new cryptographic
> algorithms via engines, so engine support allows to use algorithms,
ISTM that that should be in a system-wide OpenSSL configuration, not to
be hacked into each SSL-using application separately. Is that
possible?
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2006-08-30 22:28:06 | Re: Coding style for emacs |
Previous Message | David Fetter | 2006-08-30 22:05:24 | Re: Coding style for emacs |
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2006-08-30 22:28:06 | Re: Coding style for emacs |
Previous Message | David Fetter | 2006-08-30 22:05:24 | Re: Coding style for emacs |