On 2019-02-18 16:32, Stephen Frost wrote:
> Considering this is only the second encryption protocol in the project's
> lifetime, I agree that using callbacks would be overkill here. What
> other encryption protocols are you thinking we would be adding here? I
> think most would be quite hard-pressed to name a second general-purpose
> one beyond TLS/SSL, and those who can almost certainly would say GSS,
> but a third? Certainly OpenSSH has its own, but it's not intended to be
> general purpose and I can't see us adding support for OpenSSH's
> encryption protocol to PG.
I did look into an SSH-based encryption layer at one point. It's
certainly attractive in terms of simplicity over SSL. But your point
stands nonetheless, for two or three plausible implementations, we don't
necessarily need a generic plugin system.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services