From: | Euler Taveira <euler(at)timbira(dot)com> |
---|---|
To: | Marko Kreen <markokr(at)gmail(dot)com> |
Cc: | Florian Pflug <fgp(at)phlo(dot)org>, Magnus Hagander <magnus(at)hagander(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Martijn van Oosterhout <kleptog(at)svana(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Pgsql Hackers <pgsql-hackers(at)postgresql(dot)org>, Claes Jakobsson <claes(at)versed(dot)se> |
Subject: | Re: libpq compression |
Date: | 2012-06-22 16:38:20 |
Message-ID: | 4FE49F7C.9020300@timbira.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 20-06-2012 17:40, Marko Kreen wrote:
> On Wed, Jun 20, 2012 at 10:05 PM, Florian Pflug <fgp(at)phlo(dot)org> wrote:
>> I'm starting to think that relying on SSL/TLS for compression of
>> unencrypted connections might not be such a good idea after all. We'd
>> be using the protocol in a way it quite clearly never was intended to
>> be used...
>
> Maybe, but what is the argument that we should avoid
> on encryption+compression at the same time?
>
> AES is quite lightweight compared to compression, so should
> be no problem in situations where you care about compression.
>
If we could solve compression problem without AES that will turn things
easier. Compression-only via encryption is a weird manner to solve the problem
in the user's POV.
> RSA is noticeable, but only for short connections.
> Thus easily solvable with connection pooling.
>
RSA overhead is not the main problem. SSL/TLS setup is.
> And for really special compression needs you can always
> create a UDF that does custom compression for you.
>
You have to own the code to modify it; it is not always an option.
> So what exactly is the situation we need to solve
> with postgres-specific protocol compression?
>
Compression only support. Why do I need to set up SSL/TLS just for compression?
IMHO SSL/TLS use is no different from relying in another library to handle
compression for the protocol and more it is compression-specific. That way, we
could implement another algorithms in such library without needing to modify
libpq code. Using SSL/TLS you are bounded by what SSL/TLS software products
decide to use as compression algorithms. I'll be happy to maintain the code
iif it is postgres-specific or even as close as possible to core.
--
Euler Taveira de Oliveira - Timbira http://www.timbira.com.br/
PostgreSQL: Consultoria, Desenvolvimento, Suporte 24x7 e Treinamento
From | Date | Subject | |
---|---|---|---|
Next Message | Stefan Kaltenbrunner | 2012-06-22 18:16:20 | random failing builds on spoonbill - backends not exiting... |
Previous Message | Andres Freund | 2012-06-22 16:35:07 | Re: [PATCH 01/16] Overhaul walsender wakeup handling |