Magnus Hagander wrote: > Attached patch cleans up the certificate verification in libpq, and adds > a configuration paraqmeter to control it. The new parameter is > "sslverify", and can be set to:
Because SSL offers both encryption and authentication, I wonder if we should call this "sslauthenticate". > * cn = default = will validate that the certificate chains to a trusted > root, *and* that the cn on the certificate matches the hostname > specificed in the connection. This is the only option that prevents > man-in-the-middle attacks completely, and therefor is the default. Should this be "commonname"? > * cert = what we had before if there was a root certificate file = will > validate that the certificate chains to a trusted root, but ignore the cn. Should this be "chain"? > * none = will disable certificate validation completely > > > This means that the connection string is now in charge of the security > policy, and not just the "if file exists or not". IMHO this is the only > proper way to do it. Now, if you for some reason loose the root Agreed. -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
