Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt

* Martin Pitt (mpitt@debian.org) wrote:
> For the record, I don't agree. SSL certificate validation is good, and
> should be done as long as you have a cert installed. Encryption
> without authentication is not worth a lot, after all.

I disagree, and you *can* do authentication without SSL!  The big one
being Kerberos/GSSAPI which gives both server and client authentication.
There's a big difference between man-in-the-middle attacks and passive
network monitoring.  Certainly, we should do validation where it's
*possible* to do it, but I don't think we should throw out encryption
just because we don't have a root cert available for use.

If we don't have a certificate it's not possible to validate *anyone*.
That's going to be the case for packagers and I just can't imagine
asking them to ship a broken configuration.

    Thanks,

        Stephen