Re: Support for NSS as a libpq TLS backend
| От | Daniel Gustafsson |
|---|---|
| Тема | Re: Support for NSS as a libpq TLS backend |
| Дата | |
| Msg-id | AEBA0A7D-2DE1-4FD9-9AE0-DB116961D210@yesql.se обсуждение исходный текст |
| Ответ на | Re: Support for NSS as a libpq TLS backend (Andres Freund <andres@anarazel.de>) |
| Список | pgsql-hackers |
> On 31 Jan 2022, at 22:32, Andres Freund <andres@anarazel.de> wrote: > > Hi, > > On 2022-01-31 14:24:03 +0100, Daniel Gustafsson wrote: >>> On 28 Jan 2022, at 15:30, Robert Haas <robertmhaas@gmail.com> wrote: >>> I would really, really like to have an alternative to OpenSSL for PG. >>> I don't know if this is the right thing, though. If other people are >>> dropping support for it, that's a pretty bad sign IMHO. Later in the >>> thread it says OpenLDAP have dropped support for it already as well. >> >> I'm counting this and Andres' comment as a -1 on the patchset, and given where >> we are in the cycle I'm mark it rejected in the CF app shortly unless anyone >> objects. > > I'd make mine more a -0.2 or so. I'm concerned about the lack of non-code > documentation and the state of code documentation. I'd like an openssl > alternative, although not as much as a few years ago - it seems that the state > of openssl has improved compared to most of the other implementations. IMHO I think OpenSSL has improved over OpenSSL of the past - which is great to see - but they have also diverged themselves into writing a full QUIC implementation which *I personally think* is a distraction they don't need. That being said, there aren't too many other options. -- Daniel Gustafsson https://vmware.com/
В списке pgsql-hackers по дате отправления: