On Wed, Apr 3, 2019 at 08:49:25AM +0200, Magnus Hagander wrote: > On Wed, Apr 3, 2019 at 12:22 AM Joe Conway <m...@joeconway.com> wrote: > Personally I don't find it as confusing as is either, and I find hostgss > to be a good analog of hostssl. On the other hand hostgssenc is long and > unintuitive. So +1 for leaving as is and -1 one for changing it IMHO. > > > I think for those who are well versed in pg_hba (and maybe gss as well), it's > not confusing. That includes me. > > However, for a new user, I can definitely see how it can be considered > confusing. And confusion in *security configuration* is always a bad idea, > even > if it's just potential. > > Thus +1 on changing it. > > If it was on the table it might have been better to keep hostgss and change > the > authentication method to gssauth or something, but that ship sailed *years* > ago.
Uh, did we consider keeping hostgss and changing the auth part at the end to "gssauth"? -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
