Re: more verbose SSL session info for psql
| От | John Gray |
|---|---|
| Тема | Re: more verbose SSL session info for psql |
| Дата | |
| Msg-id | 1021571189.1379.2.camel@adzuki обсуждение исходный текст |
| Ответ на | more verbose SSL session info for psql (Bear Giles <bgiles@coyotesong.com>) |
| Список | pgsql-patches |
On Thu, 2002-05-16 at 05:28, Bear Giles wrote: [snip] > > with the moderately more useful > > encrypted connection to eris.example.com > Chaos and Despair, Unlimited. > Turmoil Division > (cipher: DES-CBC3-SHA, bits 168) > > (Specifically, the "common name", "organization name" and > "organizational unit name" fields of the server's cert.) > > Before anyone else points it out, anyone can put anything they want > into their own self-signed cert. So the value of this is limited > until there's either a trusted local root cert store (like what > web browsers use) or a trusted PKIX infrastructure. But it's better > than nothing if you routinely connect to multiple servers, and it > will get people used to seeing the information. > Would it be useful therefore to add [unverified] to the start of the listing -a trusted certificate verification option later would make this [verified]? Then the format doesn't change once you implement a trusted certificate infrastructure. Regards John -- John Gray Azuli IT www.azuli.co.uk
В списке pgsql-patches по дате отправления: