Re: [PATCH] Automatic client certificate selection support for libpq v1

Great, TODO item removed, thanks.

---------------------------------------------------------------------------

On Mon, Mar 31, 2025 at 04:29:39PM -0400, Seth Robertson wrote:
>
> Yes, at first glance the service file looks like it should work and is
> a much more elegant and generic method than my proposed hack. I can't
> trivially tell if the ssl configuration aspect of it was available in
> 8.3/8.4, but that isn't overly relevant since it is certainly
> available now.
>
> Thanks!
> -Seth Robertson
>
> From: Jacob Champion
> Date: Mon, 31 Mar 2025 09:52:49 -0700
> To: Seth Robertson,
> To: Robin Haberkorn
> Subject: Re: [PATCH] Automatic client certificate selection support for libpq v1
>
> On Mon, Mar 31, 2025 at 9:01 AM Seth Robertson
> <in-pgsql-hackers(at)baka(dot)org> wrote:
> > Third, the only real use case where this feature would be critical is
> > a client which needs to have connections to two different PostgreSQL
> > servers at the same time. Those applications are likely fairly rare
> > and doing custom programming to support different filenames would
> > likely be warranted.
>
> Can this be handled well enough with a service file?
>
> > Given the lack of "me too" or "+1" posts over the past 16 years, I
> > suspect there may be features with higher user benefit. I would not
> > cry if it gets removed.
>
> Yeah, at least not without a solid use case. (If anyone does feel
> motivated to pick it up, be aware of the server-side SNI work [1].
> It'd be nice if the two halves were complementary -- or at minimum,
> not clashing with each other.)
>
> Thanks!
> --Jacob
>
> [1] https://postgr.es/m/1C81CD0D-407E-44F9-833A-DD0331C202E5%40yesql.se
>
>

--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com

Do not let urgent matters crowd out time for investment in the future.