On Thu, Oct 18, 2012 at 1:32 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On 18 October 2012 12:20, Magnus Hagander <magnus@hagander.net> wrote:
>
>> 2. ident-over-unix-sockets was renamed to "peer" in 9.1, with the old
>> syntax deprecated but still mapping to the new one. Has it been there
>> long enough that we should start throwing an error for ident on unix?
>
> Any reason to remove? Having two names for same thing is a happy place
> for users with bad/fond memories. It costs little and no errors are
> associated with using the old name (are there?).
The only real reason for that one would be confusion. e.g. using ident
over tcp is for most people very insecure, whereas ident over unix
sockets is very secure. there are exceptions to both those, but for
the majority of cases we are using the same name for one thing that
has very good security and one that has very bad. And confusion when
it comes to security is usually not a good thing.
The krb5 one is more about maintaining code, but there is not much
cost to keeping ident-over-unix, that's true.
-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/