Re: Any advantage of using SSL with a certificate of authority?

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: Any advantage of using SSL with a certificate of authority?
Дата
Msg-id 20131126214833.GA9629@momjian.us
обсуждение исходный текст
Ответ на Re: Any advantage of using SSL with a certificate of authority?  (John R Pierce <pierce@hogranch.com>)
Ответы Re: Any advantage of using SSL with a certificate of authority?
Список pgsql-general
Дерево обсуждения 
On Tue, Nov 26, 2013 at 12:30:08PM -0800, John R Pierce wrote:
> On 11/26/2013 12:16 PM, Robin wrote:
>
>      1. A self-signed certificate can be issued by anybody, there is no way of
>         authenticating the issuer.
>      2. Distributing self-signed certificates becomes a pain - if signed by a
>         CA, its easy to lodge your public key where everybody can find it, and
>         knows where to look for it.
>      3. Maintenance becomes a problem
>
>
>
> while that's all true for public https or whatever, none of this applies to a
> point to point connection like libpq -> postmaster.

Right. I know of no mechanism to verify a certificate via a public CA
through SSL.  Browsers have a list of trusted certificates, but SSL
alone doesn't, as far as I know.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +

В списке pgsql-general по дате отправления: