Re: [HACKERS] Authentification method on client side checking
| От | Michael Paquier |
|---|---|
| Тема | Re: [HACKERS] Authentification method on client side checking |
| Дата | |
| Msg-id | CAB7nPqQOucf4_T9f8EJPm8pbWx6-G_zoLzTP0mQAA6oZxMuhVQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [HACKERS] Authentification method on client side checking (Álvaro Hernández Tortosa <aht@8kdata.com>) |
| Список | pgsql-hackers |
On Mon, Jul 10, 2017 at 9:29 AM, Álvaro Hernández Tortosa <aht@8kdata.com> wrote: > Precisely yesterday I initiated a similar thread: > https://www.postgresql.org/message-id/d4098ef4-2910-c8bf-f1e3-f178ba77c381%408kdata.com > > I think that a) the mere auth mechanism is not enough (channel binding > or not, ssl or not, change a lot the effective security obtained) and b) > maybe a categorization is a better way of specifying a connection security > requirements. > > What's your opinion on this? Any answer should also be coordinated among > the drivers. Before rushing into implementing something that we may not want, let's discuss the matter on the thread spawned by Álvaro and find an agreement and a direction of implementation. I was planning to answer your message with my own thoughts on the matter. Having more control in libpq is definitely something that we should have. -- Michael
В списке pgsql-hackers по дате отправления: