| From: | Marko Tiikkaja <marko(at)joh(dot)to> |
|---|---|
| To: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Cc: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, Joel Jacobson <joel(at)trustly(dot)com>, Thomas Munro <munro(at)ip9(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pgcrypto: PGP signatures |
| Date: | 2014-10-02 12:12:29 |
| Message-ID: | 542D412D.2010208@joh.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10/2/14 1:47 PM, Heikki Linnakangas wrote:
> I looked at this briefly, and was surprised that there is no support for
> signing a message without encrypting it. Is that intentional? Instead of
> adding a function to encrypt and sign a message, I would have expected
> this to just add a new function for signing, and you could then pass it
> an already-encrypted blob, or plaintext.
Yes, that's intentional. The signatures are part of the encrypted data
here, so you can't look at a message and determine who sent it.
There was brief discussion about this upthread (though no one probably
added any links to those discussions into the commit fest app), and I
still think that both types of signing would probably be valuable. But
this patch is already quite big, and I really have no desire to work on
this "sign anything" functionality. The pieces are there, though, so if
someone wants to do it, I don't see why they couldn't.
.marko
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-10-02 12:23:09 | Re: Dynamic LWLock tracing via pg_stat_lwlock (proof of concept) |
| Previous Message | Pavel Stehule | 2014-10-02 11:51:30 | proposal: doc: simplify examples of dynamic SQL |