Re: Support for NSS as a libpq TLS backend
| От | Andrew Dunstan |
|---|---|
| Тема | Re: Support for NSS as a libpq TLS backend |
| Дата | |
| Msg-id | 8228d950-5bee-d1e9-b0ad-577a854939fa@dunslane.net обсуждение исходный текст |
| Ответ на | Re: Support for NSS as a libpq TLS backend (Daniel Gustafsson <daniel@yesql.se>) |
| Ответы |
Re: Support for NSS as a libpq TLS backend
|
| Список | pgsql-hackers |
On 6/3/21 1:47 PM, Daniel Gustafsson wrote:
>> On 3 Jun 2021, at 19:37, Jeff Davis <pgsql@j-davis.com> wrote:
>>
>> On Tue, 2020-10-27 at 23:39 -0700, Andres Freund wrote:
>>> Maybe we should just have --with-ssl={openssl,nss}? That'd avoid
>>> needing
>>> to check for errors.
>> [ apologies for the late reply ]
>>
>> Would it be more proper to call it --with-tls={openssl,nss} ?
> Well, we use SSL for everything else (GUCs, connection params and env vars etc)
> so I think --with-ssl is sensible.
>
> However, SSL and TLS are used quite interchangeably these days so I think it
> makes sense to provide --with-tls as an alias.
>
Yeah, but it's annoying to have to start every talk I give touching this
subject with the slide that says "When we say SSL we really means TLS".
Maybe release 15 would be a good time to rename user-visible option
names etc, with support for legacy names.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
В списке pgsql-hackers по дате отправления: