| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Negotiating the SCRAM channel binding type |
| Date: | 2018-07-12 09:06:16 |
| Message-ID: | 20180712090616.GH7352@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 12, 2018 at 11:26:30AM +0300, Heikki Linnakangas wrote:
> It seems that all implementations can support tls-server-end-point, after
> all, so I'm not too worried about this anymore. The spec says that it's the
> default, but I don't actually see any advantage to using it over
> tls-server-end-point. I think the main reason for tls-unique to exist is
> that it doesn't require the server to have a TLS certificate, but PostgreSQL
> requires that anyway.
Er. My memories about the spec are a bit different: tls-unique must be
implemented and is the default.
[ ... digging ... ]
Here you go:
https://tools.ietf.org/html/rfc5802#section-6.1
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2018-07-12 09:12:59 | Re: [HACKERS] PoC plpgsql - possibility to force custom or generic plan |
| Previous Message | Amit Langote | 2018-07-12 08:59:02 | Re: BUG #15212: Default values in partition tables don't work as expected and allow NOT NULL violation |