| From: | Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my> |
|---|---|
| To: | Bear Giles <bgiles(at)coyotesong(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SASL, compression? |
| Date: | 2002-05-20 06:35:09 |
| Message-ID: | 5.1.0.14.1.20020520134750.02ff54a0@192.228.128.13 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
What are the benefits of SASL+Postgresql compared to Postgresql over plain SSL?
Coz Postgresql already supports SSL right?
Cheerio,
Link.
At 03:11 PM 5/18/02 -0600, Bear Giles wrote:
>If it's being used in Sendmail, Cyrus IMAP and OpenLDAP, with preliminary
>work (sponsored by Carnegie Mellon University) in supporting it for CVS
>and LPRng and possibly SSH I think it's safe to say it's beyond "vaporware"
>at this point.
>I'm aware of the various tricks you can do - setting the shell to
>/bin/false, requiring RSA authentication and setting the no-tty flag
>in the 'known_keys' file, etc., but at the end of the day there are
>still extra shell accounts on that system.
>
>SSH tunnels are a good stopgap measure while you add true TLS/SSL
>support, but they can't be considered a replacement for that support.
>
>Bear
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bear Giles | 2002-05-20 06:48:48 | revised SSL patches submitted |
| Previous Message | Joe Conway | 2002-05-20 00:40:15 | Re: SRF patch (was Re: [HACKERS] troubleshooting pointers) |