| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | Robbie Harwood <rharwood(at)redhat(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Nico Williams <nico(at)cryptonector(dot)com> |
| Subject: | Re: [PATCH v18] GSSAPI encryption support |
| Date: | 2018-08-06 14:36:34 |
| Message-ID: | 20180806143633.GJ27724@tamriel.snowman.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Heikki,
* Heikki Linnakangas (hlinnaka(at)iki(dot)fi) wrote:
> Sorry if this sounds facetious, but:
>
> What is the point of this patch? What's the advantage of GSSAPI encryption
> over SSL? I was hoping to find the answer by reading the documentation
> changes, but all I can see is "how" to set it up, and nothing about "why".
If you've already got an existing Kerberos environment, then it's a lot
nicer to leverage that rather than having to also implement a full PKI
to support and use SSL-based encryption.
There's also something to be said for having alternatives to OpenSSL.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Charles Cui | 2018-08-06 15:03:23 | Re: [GSoC]The project summary |
| Previous Message | Stephen Frost | 2018-08-06 14:34:27 | Re: Allow COPY's 'text' format to output a header |