Re: TODO: GNU TLS

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Magnus Hagander <magnus(at)hagander(dot)net>, David Fetter <david(at)fetter(dot)org>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, pgsql-hackers(at)postgresql(dot)org, mark(at)mark(dot)mielke(dot)cc, Martijn van Oosterhout <kleptog(at)svana(dot)org>, Mark Kirkwood <markir(at)paradise(dot)net(dot)nz>
Subject: Re: TODO: GNU TLS
Date: 2006-12-30 19:45:31
Message-ID: 4596C1DB.1010805@hagander.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Stephen Frost wrote:
> * Magnus Hagander (magnus(at)hagander(dot)net) wrote:
>>>> Kerberos is there and it's not too hard to use (though does depend
>>>> on the MIT Kerberos for Windows service currently). Supporting
>>>> SSPI/GSSAPI and then writing a small document on how to generate
>>>> Windows keytabs for Postgres would mean single-sign-on for Windows
>>>> users using applications which use libpq...
>>> Sounds like a nice feature :)
>> We're looking into SSPI/GSSAPI (I think the latest take is to do it
>> through SASL, but I'm not sure) hopefully for 8.3. (we? Mainly Henry B.
>> Holtz, but I'll try to help him out as needed)
>
> While I feel including SASL support would be a good thing I'm not sure
> about it's availability on Windows and so wouldn't want SASL support to
> mean we don't support SSPI directly... I'd also be happy to help with
> any of the above, as best I can (as I think I mentioned before when it
> was brought up...).

Windows has builtin SASL support since Windows 2000. Though a quick look
at the docs right now it looks like it's only supported on server, but
the functions are definitely present on my XP client...

The idea is to get that to work.

//Magnus

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Joshua D. Drake 2006-12-30 19:48:53 Re: TODO: GNU TLS
Previous Message Stephen Frost 2006-12-30 19:44:28 Re: TODO: GNU TLS