Re: [HACKERS] RE: [INTERFACES] Re: SSL patch

On Tue, 27 Jul 1999, Philip Warner wrote:

> At 01:37 27/07/99 +0300, Hannu Krosing wrote:
> >Philip Warner wrote:
> >>
> >> At 06:24 26/07/99 -0400, D'Arcy" "J.M." Cain wrote:
> >> >Thus spake Hannu Krosing
> >> >> Not to scare anyone away (I like crypto !;), but isn't it illegal to
> >> >> have SSL
> >> >> in an exportable product in US.
> >> >>
> >> >> I guess this should be kept in a separate patch distributed from an
> >> >> non-US site
> >> >> until US government wisens up.
> >> >
> >> >The PostgreSQL server is in Canada. There may still be some issues but
> >> >last time I checked we weren't a US state yet.
> >
> >Good to hear, I was afraid of them being more or less the same
> >crypto-wise.
> >
> >> Even if there are problems, I believe it's OK to export PostgreSQL with
> >> options for SSL support, so long as you don't export SSL.
> >
> >Let's hope so. In US that would be a 'crypto hook' and legally as bad as
> >real crypto.
>
> That's a worry - maybe it would be worth looking at the approach of Apache.
> They have a general 'module' concept, and one of the available modules adds
> SSL. Both mod_ssl, and opensll are available overseas.
>
> Perhaps the same idea could be used in PosgreSQL?
>

I like this idea, does Postgresql (I'm new around here) have a compression
option for slow links? If not the same interfaces that support SSL could
also support a compressed stream, if someone were to invent one. That way
you have a more generalized interface that can't really be considered a
"crypto hook"

This is a big issue for us (we use Sybase at work) going over 56k frame
relay. We have pretty powerful machines at the clients but the network is
a bottleneck. A compressed stream would be very cool.

Brian