Re: patch: Client certificate requirements
From | Alex Hunsaker |
---|---|
Subject | Re: patch: Client certificate requirements |
Date | |
Msg-id | 34d269d40811190910vacda7d5x2e5fc52d14cbe510@mail.gmail.com |
In reply to | Re: patch: Client certificate requirements (Magnus Hagander <magnus@hagander.net>) |
List | pgsql-hackers |

On Mon, Nov 17, 2008 at 03:04, Magnus Hagander <magnus@hagander.net> wrote:
> Alex Hunsaker wrote:
>> On Sat, Nov 15, 2008 at 17:39, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> 2. Root cert file present but we fail to load it: FATAL is probably okay
>>> here, but not with that hint message.
>>
>> Err, I was just trying to be congruent with HEAD. Currently that's
>> the message you get if we could not "read" the root cert. (as a LOG,
>> not FATAL). Should just drop the hint and keep the FATAL for this
>> case?
>
> Yes, I think so.
>
> New version of the patch attached.

Looks good to me.

>> Also we check that the private key is at least 0600, should we be
>> doing the same for the root cert?
>
> No need. The certificate is public information. The first thing we do on
> an SSL connection is to send the thing to the client anyway.
>
> We *could* check that it's not writable by anybody else - but do we
> check that for our datafiles which contain the actual passwords and
> such? If not, that would just be strange to do here, really..

Makes sense.

> //Magnus