On 11/04/13 13:11, Mark Rotteveel wrote:
> On Mon, 04 Nov 2013 11:25:56 +0400, Alex <peshk...@mail.ru> wrote:
>> On 11/03/2013 07:09 PM, Mark Rotteveel wrote:
>>> On 3-11-2013 16:05, Mark Rotteveel wrote:
>>>> I am not sure if this behavior is desirable or correct. Based on the
>>>> documentation ("Enabled behavior depends another side requirements. If
>>>> both sides set to enabled, connection is encrypted") I'd say that
>>>> setting it to Enabled should have been sufficient. The current wire
>>>> protocol implementation of Jaybird does not support encryption. I'd
>>>> expect not having encryption support would in itself imply 'Disabled'
>>>> for the client and if the server then is configured for 'Enabled' then
>>>> no encryption should be required (as implied by the documentation).
>>> Also I'd expect that having legacy_auth enabled for AuthServer in
> itself
>>> would also imply that encryption is not required.
>> No. User must _explicitly_ set lower security level himself. Or we will
>> be very soon asked: why with Required by default encryption and no my
>> changes regarding it I have an unencrypted connection?
> Then at least this needs to be explicitly documented near AuthServer *and*
> WireCrypt, and I'd suggest that the installer sets WireCrypt to Enabled
> (instead of Required) when legacy authentication is enabled in the
> installer.
>Agreed with both. ------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
