From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Álvaro Hernández Tortosa <aht(at)8kdata(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, PostgreSQL JDBC List <pgsql-jdbc(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] Channel binding support for SCRAM-SHA-256 |
Date: | 2017-05-31 03:49:41 |
Message-ID: | 20170531034941.GH3151@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-jdbc |
Robert,
* Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> but without actual interoperability testing it sounds pretty
> speculative to me.
I'm all for interoperability testing.
When we have multiple implementations of TLS using different libraries
with various versions of PostgreSQL and libpq and are able to test those
against other versions of PostgreSQL and libpq compiled with other TLS
libraries, I'll be downright ecstatic. We are a small ways from that
right now, however, and I don't believe that we should be asking the
implementors of channel binding to also implement support for multiple
TLS libraries in PostgreSQL in order to test that their RFC-following
(at least, as far as they can tell) implementation actually works.
I'm not exactly sure what to characterize that as, given that the old
fall-back of "feature creep" feels woefully inadequate as a description.
Thanks!
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | David G. Johnston | 2017-05-31 03:55:19 | Re: pg_config --version-num |
Previous Message | David G. Johnston | 2017-05-31 03:49:08 | Re: pg_config --version-num |
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2017-05-31 13:37:02 | Re: [HACKERS] Channel binding support for SCRAM-SHA-256 |
Previous Message | Álvaro Hernández Tortosa | 2017-05-31 01:50:26 | Re: [JDBC] Channel binding support for SCRAM-SHA-256 |