From: | Oliver Jowett <oliver(at)opencloud(dot)com> |
---|---|
To: | Ulrich Meis <kenobi(at)halifax(dot)rwth-aachen(dot)de> |
Cc: | pgsql-jdbc(at)postgresql(dot)org |
Subject: | Re: A solution to the SSL customizing problem |
Date: | 2004-10-12 02:57:36 |
Message-ID: | 416B4820.8040601@opencloud.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-jdbc |
Ulrich Meis wrote:
> On Monday 11 October 2004 22:59, you wrote:
>
>>Ulrich Meis wrote:
>>
>>>I propose a different solution. [...]
>>
>>This seems like a subset of the other solutions suggested. If you can
>>configure the SSLSocketFactory used, you can use a class just like the
>>one you provided without requiring that everyone uses it.
>
>
> Viewpoint one: configurability.
>
> I agree, someone could write that same class. [...]
We could provide such a helper class that implements some policy along
the lines of what your patch implements as a convenience to users, but I
don't think that behaviour should be hardwired into the driver. It's not
the place of the driver to make that sort of policy decision. It needs
to be configurable, and the obvious place to do the configuration is to
allow the user to provide their own SSLSocketFactory level, since that
gives you complete freedom to customize whichever bits of the SSL
handshake you want to.
So I suggest you look at solving the "how do I give the driver an
appropriate SSLSocketFactory" problem first. Once that is solved, the
particular configurable behaviour you want can be easily implemented.
-O
From | Date | Subject | |
---|---|---|---|
Next Message | Ulrich Meis | 2004-10-12 04:20:03 | Re: A solution to the SSL customizing problem |
Previous Message | Ulrich Meis | 2004-10-12 02:32:19 | Re: A solution to the SSL customizing problem |