Mark Mielke wrote:
> Does the patch handle patched clients connecting to unpatched servers
> and vice versa?
Yes, it is all compatible.
> Cryptographic
> authentication and encrypted data stream cost is high compared to no
> cryptographic authentication or encrypted data streams. I don't know if
> it would impact me or not. Peter: Have you tried running a benchmark of
> localssl vs localnossl?
Good point. I tried this
time for x in $(seq 1 1000); do pg-install/bin/psql -c "select 1" >/dev/null
done
With ssl=off it looks about like this:
real 0m12.909s
user 0m3.712s
sys 0m3.056s
With ssl=on it looks about like this:
real 1m4.741s
user 0m26.638s
sys 0m4.328s
It has been reported that the data transmission overhead is much less than the
connection establishing overhead, which is measured here. But this is
certainly not an encouraging measurement, if we want to put this close to the
default path of use.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/