Re: SSL configure patch: review

Magnus Hagander escribió:
> Alex Hunsaker wrote:
> > On Fri, Aug 1, 2008 at 13:31, Alvaro Herrera <alvherre@commandprompt.com> wrote:
> >> Something that's bothering me is that PGSSLKEY is inconsistent with the
> >> sslkey conninfo parameter.  PGSSLKEY specifies an engine (basically a
> >> driver for specialized hardware AFAICT) from which the key is to be
> >> loaded, but sslkey is a simple filename.  This means that there's no way
> >> to load a key from hardware if you want to specify it per connection.
> >> Not that I have any such hardware, but it looks bogus.

I think the above consideration needs some discussion too.  Committing
it as-is doesn't seem OK because you can't change it later -- it's
user-visible.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.