From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
Cc: | MauMau <maumau307(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Ian Barwick <ian(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: pgaudit - an auditing extension for PostgreSQL |
Date: | 2014-07-02 12:36:43 |
Message-ID: | 20140702123643.GC16422@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
* Abhijit Menon-Sen (ams(at)2ndQuadrant(dot)com) wrote:
> I foresee lots of disappointment, then. I don't think even Stephen is
> advocating NIST-compliance as the *baseline* for serious auditing in
> core, just that we need a design that lets us get there sometime.
Agreed. I'm not suggesting that we must be fully NIST/PCI-DSS/whatever
compliant before we add anything but rather that we have a plan for how
to get there. Note that the plan is needed primairly to ensure that we
don't end up in a situation that makes it difficult to move forward in
the future due to compatibility or upgrade issues.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2014-07-02 12:46:57 | Re: pgaudit - an auditing extension for PostgreSQL |
Previous Message | Michael Paquier | 2014-07-02 12:28:35 | Re: New functions in sslinfo module |