| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Richard Troy <rtroy(at)ScienceTools(dot)com> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, Martijn van Oosterhout <kleptog(at)svana(dot)org>, "Henry B(dot) Hotz" <hotz(at)jpl(dot)nasa(dot)gov>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Design Considerations for New Authentication Methods |
| Date: | 2006-11-02 20:25:00 |
| Message-ID: | 20061102202500.GQ24675@kenobi.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Richard Troy (rtroy(at)ScienceTools(dot)com) wrote:
> Would signed certificates be preferred? Well, sure, they're nice. I don't
> object, and in fact welcome some improvements here. For example, I'd love
> the choice of taking an individual user's certificate and authenticating
> completely based upon that. However, while this _seems_ to simplify
> things, it really just trades off with the added cost of managing those
> certs - username/password is slam-dunk simple and has the advantage that
> users can share one authentication.
Username/password is not acceptable in a number of situations. This is
not intended to replace them. This would be in *addition* to supporting
the current auth methods. I don't understand at all how you feel it'd be
nice to have yet shouldn't be done.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Troy | 2006-11-02 20:26:58 | Re: Design Considerations for New Authentication Methods |
| Previous Message | korryd | 2006-11-02 20:16:16 | Re: Coding style question |