Tom Lane wrote: > Magnus Hagander <[EMAIL PROTECTED]> writes: >> I would also like to look this over completely - we only support loading >> the KEY from the smartcard, but you still have to manually copy the >> certificate to your machine. I don't know exactly how you're supposed to >> do this in OpenSSL - some googling shows almost nobody else uses the >> functions quite the way we do. So I'd like to look over if we need to do >> more around this later, but this patch should make it possible to use >> keys from different files without breaking backwards compatibility with >> what we had before. So I'm considering that a separate step, that may >> not be done in time for 8.4. > > I'm confused here. Are you proposing user-visible changes that might > not get done in time for 8.4? I don't much like the idea that the API > is going to remain a moving target --- once 8.4 is out you will have > backwards compatibility constraints with whatever it does. It would > be better to avoid extending the feature set beyond what 8.3 can do > until you are certain it's right.
I'm not proposing anything yet - I haven't read up on it. If it does change, though, only the engine-specific stuff would change AFAICT. The new functionality in this patch is all around specifying filenames, so that would not change. And most likely it would not be a change in visible behavior if I get the time to "fix" that - it'll either just be an under-the-hood change, or more likely an extension to the parameters. I see no reason why it should have any user-visible change at all on the stuff that's in this patch. //Magnus -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
