| From: | "Fujii Masao" <masao(dot)fujii(at)gmail(dot)com> |
|---|---|
| To: | "Simon Riggs" <simon(at)2ndquadrant(dot)com> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Sync Rep: First Thoughts on Code |
| Date: | 2008-12-04 08:57:23 |
| Message-ID: | 3f0b79eb0812040057tb339dafh2b1c7d97d57e788f@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On Wed, Dec 3, 2008 at 3:38 PM, Fujii Masao <masao(dot)fujii(at)gmail(dot)com> wrote:
>>> > Do we need to worry about periodic
>>> > renegotiation of keys in be-secure.c?
>>>
>>> What is "keys" you mean?
>>
>> See the notes in that file for explanation.
>
> Thanks! I would check it.
The key is used only when we use SSL for the connection of
replication. As far as I examined, secure_write() renegotiates
the key if needed. Since walsender calls secure_write() when
sending the WAL to the standby, the key is renegotiated
periodically. So, I think that we don't need to worry about the
obsolescence of the key. Am I missing something?
Regards,
--
Fujii Masao
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zdenek Kotala | 2008-12-04 08:58:33 | Re: In-place upgrade: catalog side |
| Previous Message | Gregory Stark | 2008-12-04 08:36:33 | Re: Simple postgresql.conf wizard |