| From: | Seth Robertson <in-pgsql-hackers(at)baka(dot)org> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Subject: | Re: [PATCH] Automatic client certificate selection support for libpq v1 |
| Date: | 2009-05-11 16:36:44 |
| Message-ID: | 200905111636.n4BGaiCA002940@no.baka.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
In message <4A07DB89(dot)2080508(at)hagander(dot)net>, Magnus Hagander writes:
Is NSS available on all the platforms that we are (and that has OpenSSL
today)?
NSS stopped publishing their supported platform list for NSS for some
strange reasons (older version have it). But I'd probably assume that
the list includes AIX, Tru64, HPUX, Linux, Windows, Solaris, Mac OSX.
I specifically don't see signs that they attempt to support the *BSD
platforms, but the *BSD people have working ports.
Generally from almost dozens of minutes of googling, I'd have to say
that in terms of portability and declared actual ports:
OpenSSL >> PostgreSQL >> Mozilla NSS >> GnuTLS
GnuTLS doesn't seem to be as mature as either OpenSSL and Mozilla NSS,
at least in my current hot-button issue of client certificate
validation.
Good luck with that Windows SChannel thing...I didn't find any
opensource program which uses it.
-Seth Robertson
in-pgsql-hackers(at)baka(dot)org
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Seth Robertson | 2009-05-11 16:44:00 | Re: [PATCH] Automatic client certificate selection support for libpq v1 |
| Previous Message | Magnus Hagander | 2009-05-11 15:23:11 | Re: SSL cert chains patch |