Re: sslmode patch

Поиск
Список
Период
Сортировка
От Jon Jensen
Тема Re: sslmode patch
Дата
Msg-id Pine.LNX.4.50.0307011954010.1200-100000@louche.swelter.net
обсуждение исходный текст
Ответ на Re: sslmode patch  (Bruce Momjian <pgman@candle.pha.pa.us>)
Ответы Re: sslmode patch  (Bruce Momjian <pgman@candle.pha.pa.us>)
Список pgsql-patches
Дерево обсуждения 
On Tue, 1 Jul 2003, Bruce Momjian wrote:

> > To sum up, there's a new client parameter "sslmode" and environment
> > variable "PGSSLMODE", with these options:
> >
> > sslmode   description
> > -------   -----------
> > prevent   Unencrypted non-SSL only
>
> I think the word 'never' would be more appropriate than 'prevent'.

That sounds fine to me, though it breaks with the pattern of all four
option words being verbs, allowing the user to think "I want to *** SSL
mode for this connect."

> > The only change to the server is a new pg_hba.conf line type,
> > "hostnossl", for specifying connections that are not allowed to use SSL
>
> Should this be 'hostneverssl'?  Nossl implies to me that the host
> doesn't have SSL, which really isn't the issue.

Well, perhaps. But by that logic, "hostssl" would imply that the client
only will do SSL, which the server can't know. Since the server doesn't
know anything about the client ahead of time, I don't read anything into
it. I just think:

    host = apply this line for any kind of connection,
    hostssl = apply this line only to SSL connections, and
    hostnossl = apply this line only to non-SSL connections.

It's unfortunate there's not a more distinctive name for a "regular" or
"plain" or "unencrypted" connection than "no SSL", but I don't think it's
too big of a deal.

> Are out defaults right, that we prefer SSL if client and server can do
> it?  And now have hostnossl(or hostneverssl) to turn it off?

Yes, I think the defaults are good. Users who don't bother to read the
docs will end up with secured connections, which is good, and users
seeking to avoid the SSL overhead can then read the docs and learn how,
and consider how secure their network really is. :)

> I think we can get this into 7.4.

That would be great. It would be good to hear someone else's take on the
above, and also on the code itself, since I'm not a C expert. I was unable
to build docs from SGML yesterday on my machine, and now that I got it to
work, I find I made some markup errors which I've corrected and can
resubmit whenever you're ready.

Jon

В списке pgsql-patches по дате отправления:

Предыдущее
От: Bruce Momjian
Дата:
Сообщение: ecpg warning
Следующее
От: Bruce Momjian
Дата:
Сообщение: Re: sslmode patch